Vulnerabilites related to windriver - vxworks
Vulnerability from fkie_nvd
Published
2021-04-13 17:15
Modified
2024-11-21 06:02
Severity ?
Summary
An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf | Third Party Advisory | |
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf | Third Party Advisory | |
| cve@mitre.org | https://support2.windriver.com/index.php?page=security-notices | Vendor Advisory | |
| cve@mitre.org | https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support2.windriver.com/index.php?page=security-notices | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12 | Third Party Advisory, US Government Resource |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "03B0DF42-7A4C-4D11-845C-43FDD54C3E18", versionEndExcluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win_subscriber_station_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "789B059C-4E07-44A3-A69F-A77FEC3ED3D2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win_subscriber_station:-:*:*:*:*:*:*:*", matchCriteriaId: "8442F026-8F07-40C1-8845-460FE87DD16E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x200-4_p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5402555C-7F00-4CB2-8EB7-8CC678170C58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x200-4_p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "73E42E20-18CB-40A7-B6D5-751F26303995", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3F45960F-8E24-497B-86D3-40816FDAFCAE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "3268CF75-6DAB-416A-B19B-2A8F95C268CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E81C7358-632C-47AC-A2D2-F3C390CC452A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "492E8AC1-338B-4AC3-90C7-1FADCD4528C4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68AB0A4C-7867-4C50-A500-9D7F00219B5C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "577D1E21-717C-4508-AE91-0BC490C89F85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11AEF3D6-96B0-431F-A664-E8E281CDA61C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "CEB62730-E759-455A-A308-F9DB084B35B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70610406-76B7-47E6-A389-622074C72617", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "F4726901-34BF-4F70-80A6-71648A4A29FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "538627CD-9730-4F63-83A8-CA9C447E4766", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "0BC31F0E-389B-4925-88DE-726F2F0D2A23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "034BA07A-82E8-49BC-A392-55D617BB52D2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "8FF096BA-A6F4-46B3-9B9B-7FCEE7E6A6C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C3DA812-8E86-4C23-B92D-3655575B2676", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2:-:*:*:*:*:*:*:*", matchCriteriaId: "E38CE5A4-3EB1-4E93-BEB7-520E08DA6720", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E170F607-8B16-4F54-81E5-97F0D02D1EB7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*", matchCriteriaId: "1FCBC784-8EA0-4C6C-B504-DFC164028E4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DA642A1-6054-48FB-A6B8-8E0859B377D3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "2BE27611-53E7-4162-8630-5BC334B02E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BF1A11A6-1ECD-4F41-9175-90E78D097B5B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*", matchCriteriaId: "1FDEBD6B-6BE4-4FAD-A4E6-BE762595434D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "56885E0C-CF3A-4DBC-87D1-113A2578C641", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*", matchCriteriaId: "E5FFC1E9-4326-4F41-A86A-C52AB6A9A674", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B90335-C0B4-4AB8-89ED-C7DE860871CC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0A5BB0F2-DD4C-4AB4-9B8F-B2501B239080", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BCC23F70-522C-4963-87C7-9F28D3D2C1E1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*", matchCriteriaId: "6DFF7FB7-774B-45ED-8400-951230DF0511", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "697984F9-8A95-42A4-BCA9-D181D849299E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*", matchCriteriaId: "B3B574E2-F7BA-496B-887C-D25F386AA5E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x208_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6AF06E74-9DD6-42BF-85FB-CB6A50D25063", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x208_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C9BA52-59BD-49B2-B932-9A364D9E6365", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2620D247-4608-44CF-90B2-1097D98EB067", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*", matchCriteriaId: "4E716A4E-50A9-4C52-8DA9-098F7506F4B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1B0864B-8696-42B9-A409-958D879294D3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*", matchCriteriaId: "C08CDEE3-43EB-475E-8571-6E12824714FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D73D50F-6BC0-47A3-BBCE-51AC3E42E6D7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*", matchCriteriaId: "F0C4BAB5-E161-4B59-8A8C-369C7852A66E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39963CE4-018F-4229-90BF-F647F4E264AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*", matchCriteriaId: "D2203895-BC4E-4B2F-9110-C2CD88A121F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42E2C599-41E1-473A-8E05-011C5DE120D1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*", matchCriteriaId: "E3F6299B-D7E3-4750-B016-7DCBC83C2287", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_x408_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "161EF365-C693-4FFE-97DF-DE96B84B98A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*", matchCriteriaId: "47F713E4-4B75-476E-BC21-92CA10198AE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3C4E4AA9-CDFF-4742-8680-79711FBE865D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "41614C70-97B4-44C8-A441-530A413A26F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08E037EF-75CD-4A27-96BC-7DAF113A7BE5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "6751FB7D-C72C-4321-B535-5880FE696FC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89727F5E-2482-4C47-BAF7-91735B098790", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", matchCriteriaId: "0F1AE867-67B4-4871-BF56-88017533A737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57808C94-3438-4DA9-9995-6CE2FCA06D59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "25DDF1EB-80E7-491F-A197-1B220E35CDF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F0D5718-455A-4FE1-B2D4-14CD1A3C4096", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*", matchCriteriaId: "69285324-4C0B-4BDC-B60D-F653679DD52D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F316894-3BBB-4B72-8636-23868BF557AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", matchCriteriaId: "99E6AFAA-B903-47BB-B0F3-7650B039C0FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6D7CC146-F73F-4635-A356-DE0CA8D8DE59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2B40D2EB-5C69-47FA-801B-DC48407D418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5446CA2B-054C-4804-BBDD-685A8F802FF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", matchCriteriaId: "898613B2-4A9D-44B9-A3FC-4347A2AD7CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf_181_eip_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B750B38E-EB65-4812-B9AA-33CA3F887B80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf_181_eip:-:*:*:*:*:*:*:*", matchCriteriaId: "69DC3D78-6E5C-4623-A416-D135DC978D57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf_182c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B7DFC5CB-F4DF-489E-B438-7FD5E4061DF7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf_182c:-:*:*:*:*:*:*:*", matchCriteriaId: "0074582F-B557-462A-9A77-13EAE9F8654F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_perfect_harmony_gh180_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E22ACA9-EBF1-43D0-ADC2-DA9A965CEDB8", versionEndExcluding: "2022", versionStartIncluding: "2015", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_perfect_harmony_gh180:-:*:*:*:*:*:*:*", matchCriteriaId: "D1C86C1E-8320-4C73-80C9-E4257E7A7D31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.", }, { lang: "es", value: "Se detectó un problema en Wind River VxWorks versiones anteriores a 6.5. Se presenta un posible desbordamiento de la pila en el cliente dhcp", }, ], id: "CVE-2021-29998", lastModified: "2024-11-21T06:02:08.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-13T17:15:12.310", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-03 16:15
Modified
2024-11-21 05:23
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| windriver | vxworks | * | |
| windriver | vxworks | 6.9.4.12 | |
| windriver | vxworks | 6.9.4.12 | |
| oracle | communications_eagle | * | |
| oracle | communications_eagle | * | |
| oracle | communications_eagle | 46.7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "2E27E761-92D8-4A67-8D23-213E0C7BFFC6", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.9", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:-:*:*:*:*:*:*", matchCriteriaId: "69674D4D-2848-46BA-9367-7AA85EE2CD99", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer1:*:*:*:*:*:*", matchCriteriaId: "1052B8F5-1BC4-46B6-A8F1-F1BF9A40DDAF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*", matchCriteriaId: "1507EFE2-DA83-42D7-B075-91EE060B6B35", versionEndIncluding: "48.6.2", versionStartIncluding: "46.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*", matchCriteriaId: "4143A5F6-CD91-4209-A52B-98854CCAC987", versionEndIncluding: "46.9.3", versionStartIncluding: "46.9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_eagle:46.7.0:*:*:*:*:*:*:*", matchCriteriaId: "9FED9166-7A2A-453D-9792-7A6361CEF594", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.", }, { lang: "es", value: "En Wind River VxWorks, el asignador de memoria presenta un posible desbordamiento en el calculo del tamaño del bloque de memoria que se asignará por medio de la función calloc(). Como resultado, la memoria real asignada es menor que el tamaño del búfer especificado por los argumentos, conllevando a una corrupción en la memoria", }, ], id: "CVE-2020-28895", lastModified: "2024-11-21T05:23:14.430", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.4, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-03T16:15:13.633", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 18:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "326AA5C8-31F6-4107-93AF-1F64C1D9129E", versionEndExcluding: "6.9.4", versionStartIncluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E7F2B915-D41F-4D3C-A52D-A63AB729716F", versionEndExcluding: "7.59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "2E243199-8506-4F65-9C22-2CBD50208F0D", versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.", }, { lang: "es", value: "Wind River VxWorks versiones 6.6 y 6.9, presenta un Desbordamiento de Búfer en el componente cliente DHCP. Se presenta una vulnerabilidad de seguridad de IPNET: Desbordamiento de la pila en análisis Offer/ACK de DHCP dentro de ipdhcpc.", }, ], id: "CVE-2019-12257", lastModified: "2024-11-21T04:22:30.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T18:15:11.320", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12257", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-29 17:29
Modified
2024-11-21 04:52
Severity ?
Summary
When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "52F73D2D-917A-42EE-93D3-EEA6B6998A1F", versionEndExcluding: "6.9.1", versionStartIncluding: "6.9", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.", }, { lang: "es", value: "Cuando RPC está habilitado en Wind River VxWorks versión 6.9 anterior a la versión 6.9.1, una petición RPC especialmente creada puede desencadenar un desbordamiento de enteros que conlleva a una copia de memoria fuera de límites. Puede permitir que los atacantes remotos generen una Denegación de Servicio (DoS) (bloqueo) o potencialmente ejecuten un código arbitrario.", }, ], id: "CVE-2019-9865", lastModified: "2024-11-21T04:52:28.073", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-29T17:29:00.697", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/feeds/wind_river_security_notices.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/feeds/wind_river_security_notices.xml", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-03-20 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", matchCriteriaId: "9AB372D3-5FE7-4432-B1B1-00F0D1039459", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request.", }, { lang: "es", value: "IPSSH (también conocido como el servidor SSH) en Wind River VxWorks v6.5 hasta v6.9 permite a usuarios remotos autenticados provocar una denegación de servicio a través de una petición pty especialmente diseñada.", }, ], id: "CVE-2013-0713", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-20T18:55:01.747", references: [ { source: "vultures@jpcert.or.jp", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN52492830/995359/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN52492830/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000020", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN52492830/995359/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN52492830/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000020", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2008-10-03 15:07
Modified
2025-04-09 00:30
Severity ?
Summary
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:force10:ftos:*:*:*:*:*:*:*:*", matchCriteriaId: "4941A848-A02E-4234-82A3-076AABC94476", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*", matchCriteriaId: "F702C46F-CA02-4FA2-B7D6-C61C2C095679", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*", matchCriteriaId: "803EFA9F-B7CB-4511-B1C1-381170CA9A23", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:jnos:*:*:*:*:*:*:*:*", matchCriteriaId: "9BD3413A-DD12-4C60-88F4-E2D6C1264319", vulnerable: true, }, { criteria: "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", matchCriteriaId: "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*", matchCriteriaId: "9DF8DD37-A337-4E9D-A34E-C2D561A24285", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*", matchCriteriaId: "F12313A0-1EAF-4652-9AB1-799171CFFEA9", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "DFCBBA4F-BD05-4044-98A0-2825A413D299", versionEndIncluding: "6.4", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", matchCriteriaId: "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", matchCriteriaId: "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).", }, { lang: "es", value: "La implementación IPv6 Neighbor Discovery Protocol (NDP) en (1) FreeBSD v6.3 hasta v7.1, (2) OpenBSD v4.2 y v4.3, (3) NetBSD, (4) Force10 FTOS versiones anteriores a vE7.7.1.1, (5) Juniper JUNOS, y (6) Wind River VxWorks 5.x hasta v6.4 no valida los mensaje originales de Neighbor Discovery, lo cual permite a atacantes remotos provocar una denegación de servicio (pérdida de conectividad) o leer tráfico de red privado a través de mensajes falsos que modifica la Forward Information Base (FIB).", }, ], id: "CVE-2008-2476", lastModified: "2025-04-09T00:30:58.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-10-03T15:07:10.727", references: [ { source: "cret@cert.org", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc", }, { source: "cret@cert.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/32112", }, { source: "cret@cert.org", url: "http://secunia.com/advisories/32116", }, { source: "cret@cert.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/32117", }, { source: "cret@cert.org", url: "http://secunia.com/advisories/32133", }, { source: "cret@cert.org", url: "http://secunia.com/advisories/32406", }, { source: "cret@cert.org", tags: [ "Vendor Advisory", ], url: "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc", }, { source: "cret@cert.org", url: "http://securitytracker.com/id?1020968", }, { source: "cret@cert.org", url: "http://support.apple.com/kb/HT3467", }, { source: "cret@cert.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/472363", }, { source: "cret@cert.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7", }, { source: "cret@cert.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/MAPG-7H2S68", }, { source: "cret@cert.org", url: "http://www.openbsd.org/errata42.html#015_ndp", }, { source: "cret@cert.org", url: "http://www.openbsd.org/errata43.html#006_ndp", }, { source: "cret@cert.org", url: "http://www.securityfocus.com/bid/31529", }, { source: "cret@cert.org", url: "http://www.securitytracker.com/id?1021109", }, { source: "cret@cert.org", url: "http://www.securitytracker.com/id?1021132", }, { source: "cret@cert.org", url: "http://www.vupen.com/english/advisories/2008/2750", }, { source: "cret@cert.org", url: "http://www.vupen.com/english/advisories/2008/2751", }, { source: "cret@cert.org", url: "http://www.vupen.com/english/advisories/2008/2752", }, { source: "cret@cert.org", url: "http://www.vupen.com/english/advisories/2009/0633", }, { source: "cret@cert.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601", }, { source: "cret@cert.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670", }, { source: "cret@cert.org", url: "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/32112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32116", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/32117", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32133", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32406", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1020968", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT3467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/472363", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/MAPG-7H2S68", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openbsd.org/errata42.html#015_ndp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openbsd.org/errata43.html#006_ndp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/31529", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1021109", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1021132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/2750", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/2751", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/2752", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/0633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view", }, ], sourceIdentifier: "cret@cert.org", vendorComments: [ { comment: "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG.", lastModified: "2017-09-28T21:31:11.053", organization: "Red Hat", }, ], vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-22 19:15
Modified
2024-11-21 08:13
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExtract" function may expect that the function will strip leading slashes from absolute paths or stop processing when encountering relative paths that are outside of the extraction path, unless otherwise forced. This could lead to unexpected and undocumented behavior, which in general could result in a directory traversal, and associated unexpected behavior.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-38346 | Patch, Vendor Advisory | |
| cve@mitre.org | https://support2.windriver.com/index.php?page=security-notices | Vendor Advisory | |
| cve@mitre.org | https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/ | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-38346 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support2.windriver.com/index.php?page=security-notices | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/ | Exploit, Technical Description, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", matchCriteriaId: "F3497F9B-A721-4289-A49F-A19D0F7F0148", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the \"tarExtract\" function may expect that the function will strip leading slashes from absolute paths or stop processing when encountering relative paths that are outside of the extraction path, unless otherwise forced. This could lead to unexpected and undocumented behavior, which in general could result in a directory traversal, and associated unexpected behavior.", }, { lang: "es", value: "Se descubrió un problema en Wind River VxWorks 6.9 y 7. La función ``tarExtract`` implementa la extracción de archivos TAR y, por lo tanto, también procesa archivos dentro de un archivo que tienen rutas de archivo relativas o absolutas. Un desarrollador que utilice la función \"tarExtract\" puede esperar que la función elimine las barras diagonales iniciales de las rutas absolutas o detenga el procesamiento cuando encuentre rutas relativas que estén fuera de la ruta de extracción, a menos que se fuerce lo contrario. Esto podría dar lugar a un comportamiento inesperado y no documentado, que en general podría dar lugar a un Directory Traversal y un comportamiento inesperado asociado.", }, ], id: "CVE-2023-38346", lastModified: "2024-11-21T08:13:22.843", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-09-22T19:15:09.593", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-38346", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-38346", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-05 13:22
Modified
2025-04-11 00:51
Severity ?
Summary
The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "8EB179D9-BA84-4DEA-88DF-AC3D0DE76EE1", versionEndIncluding: "6.8", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", matchCriteriaId: "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", matchCriteriaId: "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*", matchCriteriaId: "91724364-0D8C-4FC2-9AA6-1ADCEDE86DE8", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", matchCriteriaId: "1F452ABB-0174-4EC5-A82B-9D1164EBB163", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.", }, { lang: "es", value: "El demonio FTP en Wind River VxWorks no cierra adecuadamente la conexión TCP despues de un número de intentos fallidos de login, lo que hace que sea fácil para atacantes remotos obtener acceso a través de ataques de fuerza bruta. \r\n\r\n\r\n\r\n\r\n", }, ], id: "CVE-2010-2968", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-05T13:22:29.887", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-05 18:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.3:*:*:*:*:*:*:*", matchCriteriaId: "1726AC51-261E-4347-A666-E92C55B8826C", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4:*:*:*:*:*:*:*", matchCriteriaId: "E0D9EFB4-ADBA-4353-BB26-2330832F69BE", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*", matchCriteriaId: "D4810B35-06F6-4971-BE87-A30B1CF58AA0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.", }, { lang: "es", value: "Wind River VxWorks versiones 6.6, 6.7, 6.8, 6.9.3, 6.9.4 y Vx7 tiene un control de acceso incorrecto en la asignación de IPv4 por el componente de cliente ipdhcpc DHCP.", }, ], id: "CVE-2019-12264", lastModified: "2024-11-21T04:22:31.333", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-05T18:15:10.863", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-23 14:15
Modified
2024-11-21 04:57
Severity ?
Summary
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "9E71A448-A54A-4BC5-B957-70E15EC21A35", versionEndExcluding: "7.0", versionStartIncluding: "5.5", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", matchCriteriaId: "F3497F9B-A721-4289-A49F-A19D0F7F0148", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:sr0630:*:*:*:*:*:*", matchCriteriaId: "51A0237A-7ADC-4840-A9D7-D260A360B811", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.", }, { lang: "es", value: "httpRpmFs en WebCLI en Wind River VxWorks versiones 5.5 hasta 7 SR0640, no comprueba si se presenta un escape de la web root", }, ], id: "CVE-2020-11440", lastModified: "2024-11-21T04:57:55.290", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-23T14:15:12.167", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://windriver.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://windriver.com", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-13 17:15
Modified
2024-11-21 06:02
Severity ?
Summary
An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "8EB179D9-BA84-4DEA-88DF-AC3D0DE76EE1", versionEndIncluding: "6.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.", }, { lang: "es", value: "Se detectó un problema en Wind River VxWorks versiones hasta 6.8. Se presenta un posible desbordamiento de pila en el servidor DHCP", }, ], id: "CVE-2021-29999", lastModified: "2024-11-21T06:02:08.757", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-13T17:15:12.357", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-13 17:15
Modified
2024-11-21 06:02
Severity ?
Summary
An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "DB07AF57-0F8D-4DCD-80DA-64096674F017", versionEndExcluding: "21.03", versionStartIncluding: "7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE.", }, { lang: "es", value: "Se detectó un problema en Wind River VxWorks 7 antes de la versión 21.03. Un paquete especialmente diseñado puede provocar una sobrelectura del búfer en IKE.", }, ], id: "CVE-2021-29997", lastModified: "2024-11-21T06:02:08.390", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-13T17:15:12.263", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-29997", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-29997", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-14 20:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*", matchCriteriaId: "D4810B35-06F6-4971-BE87-A30B1CF58AA0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).", }, { lang: "es", value: "Wind River VxWorks versiones 6.6, 6.7, 6.8, 6.9 y 7, presenta un Control de Acceso Incorrecto en el componente cliente RARP. Vulnerabilidad de seguridad IPNET: Manejo de respuestas Reverse ARP no solicitadas (Fallo Lógico).", }, ], id: "CVE-2019-12262", lastModified: "2024-11-21T04:22:30.967", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-14T20:15:11.573", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-11 22:15
Modified
2024-11-21 02:47
Severity ?
Summary
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| windriver | vxworks | * | |
| siemens | sgt-100_firmware | * | |
| siemens | sgt-100 | - | |
| siemens | sgt-200_firmware | * | |
| siemens | sgt-200 | - | |
| siemens | sgt-300_firmware | * | |
| siemens | sgt-300 | - | |
| siemens | sgt-400_firmware | * | |
| siemens | sgt-400 | - | |
| siemens | sgt-a20_firmware | * | |
| siemens | sgt-a20 | - | |
| siemens | sgt-a35_firmware | * | |
| siemens | sgt-a35 | - | |
| siemens | sgt-a65_firmware | * | |
| siemens | sgt-a65 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "B41CC977-326E-4BEE-BC9A-93A64C8628D4", versionEndIncluding: "7.0", versionStartIncluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "988EC5E4-0049-4072-A4BD-BD528C033805", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-100:-:*:*:*:*:*:*:*", matchCriteriaId: "E678D371-C274-4E49-8485-AB3D1835B822", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F25DE38-9193-4350-9B1F-B6441AC7047B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-200:-:*:*:*:*:*:*:*", matchCriteriaId: "CB1B10D2-C5E7-4C0D-9BED-606FB1C01276", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB59465A-3F1C-4035-B6BE-B4F8FAAAB4DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-300:-:*:*:*:*:*:*:*", matchCriteriaId: "15B3EAEB-E209-4A6A-AA04-9497A8D47703", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8B39AD60-6DCB-4466-A5AD-98ACCF1E08B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-400:-:*:*:*:*:*:*:*", matchCriteriaId: "8D3FA43D-2BDA-4CBC-B6CB-E674CECAC086", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-a20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58C64347-8FB3-403D-A4BA-ABA5FE89AE4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-a20:-:*:*:*:*:*:*:*", matchCriteriaId: "23F32AEA-E2E9-417C-8C86-A08004F377C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-a35_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32671BC6-DBED-41FB-B61F-553A70819FA0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-a35:-:*:*:*:*:*:*:*", matchCriteriaId: "1D3F0086-DF1D-4EFF-BA2A-8F9ED2A8FCAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-a65_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15B1A88C-7FC3-456F-A0E5-157EADBF8012", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-a65:-:*:*:*:*:*:*:*", matchCriteriaId: "8F46F8C7-A7DD-4CD4-9DF8-04C7B9ABC89B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "unsupported-when-assigned", ], }, ], descriptions: [ { lang: "en", value: "A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer", }, { lang: "es", value: "** NO COMPATIBLE CUANDO SE ASIGNÓ ** Un desbordamiento del búfer en la región stack de la memoria del cliente DNS en la función ipdnsc_decode_name() afecta a Wind River VxWorks versiones 6.5 hasta 7. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no son compatibles con el mantenedor", }, ], id: "CVE-2016-20009", lastModified: "2024-11-21T02:47:32.740", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-11T22:15:12.120", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 21:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "D796397A-5CB0-4BF1-A2FD-8943B15751F8", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", matchCriteriaId: "F3497F9B-A721-4289-A49F-A19D0F7F0148", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E7F2B915-D41F-4D3C-A52D-A63AB729716F", versionEndExcluding: "7.59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "2E243199-8506-4F65-9C22-2CBD50208F0D", versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9995922-9A9F-45B0-A982-3BC1D92B76D8", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", matchCriteriaId: "7900C33F-1C31-4A6F-B98C-EF0A8E64F241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FCC4AE0-E5A4-4B83-80E3-037FB836A9DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5144E0-9082-497E-8958-6B85FDDD6C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*", matchCriteriaId: "243EA2F1-2C91-43FD-8B6D-AA8F20FD7F7F", versionEndIncluding: "46.8.2", versionStartIncluding: "46.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.", }, { lang: "es", value: "Wind River VxWorks versiones 6.7 hasta 6.9 y vx7, presenta un Desbordamiento de Búfer en el componente TCP (problema 3 de 4). Se trata de una vulnerabilidad de seguridad de IPNET: Confusión de estado de TCP Urgent Pointer durante la función connect() a un host remoto.", }, ], id: "CVE-2019-12261", lastModified: "2024-11-21T04:22:30.777", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T21:15:11.093", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12261", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12261", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-08-04 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| windriver | vxworks | * | |
| windriver | vxworks | * | |
| windriver | vxworks | * | |
| windriver | vxworks | * | |
| windriver | vxworks | 6.6.3 | |
| windriver | vxworks | 6.6.4 | |
| windriver | vxworks | 6.6.4.1 | |
| windriver | vxworks | 7.0 | |
| schneider-electric | sage_1210 | - | |
| schneider-electric | sage_1230 | - | |
| schneider-electric | sage_1250 | - | |
| schneider-electric | sage_1310 | - | |
| schneider-electric | sage_1330 | - | |
| schneider-electric | sage_1350 | - | |
| schneider-electric | sage_1410 | - | |
| schneider-electric | sage_1430 | - | |
| schneider-electric | sage_1450 | - | |
| schneider-electric | sage_2200 | - | |
| schneider-electric | sage_2400 | - | |
| schneider-electric | sage_3030 | - | |
| schneider-electric | sage_3030_magnum | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "8F8C5727-B863-4B2D-896B-B079CC49FEBA", versionEndIncluding: "6.6", versionStartIncluding: "6.5", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "12D324CD-4AAD-484B-BC8D-B0C7A76FC556", versionEndExcluding: "6.7.1.1", versionStartIncluding: "6.7", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "F1E97899-D5E5-4C4D-A553-B15F1DD31041", versionEndExcluding: "6.8.3", versionStartIncluding: "6.8", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "D1DE1FEF-4519-45F6-867D-5248A6B4753C", versionEndExcluding: "6.9.4.4", versionStartIncluding: "6.9", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6.3:*:*:*:cert:*:*:*", matchCriteriaId: "ABFC811A-A440-464A-B5C8-1DB9DEAEEAF1", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6.4:*:*:*:cert:*:*:*", matchCriteriaId: "A048ED68-46C5-49B3-9A8E-12F90CE1B6FB", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6.4.1:*:*:*:cert:*:*:*", matchCriteriaId: "44AE1224-EFE0-4BA9-8250-1C4BB2F37301", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*", matchCriteriaId: "D4810B35-06F6-4971-BE87-A30B1CF58AA0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:schneider-electric:sage_1210:-:*:*:*:*:*:*:*", matchCriteriaId: "A16A7B3E-0B50-4577-A27C-75422924226C", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_1230:-:*:*:*:*:*:*:*", matchCriteriaId: "8EA1F2F1-F8C3-427B-AD6F-778AF0193996", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_1250:-:*:*:*:*:*:*:*", matchCriteriaId: "7A95CFF8-563A-45B1-B038-E9DD1AB5C4D0", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_1310:-:*:*:*:*:*:*:*", matchCriteriaId: "C9592965-4A3B-4AD8-81F3-EDECC295B567", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_1330:-:*:*:*:*:*:*:*", matchCriteriaId: "AEC4C5D0-DB9C-419A-B30B-62514DEDE901", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_1350:-:*:*:*:*:*:*:*", matchCriteriaId: "4D66C8C1-E611-47B1-B9CF-32689F86B392", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*", matchCriteriaId: "02E606BD-92F8-4396-AD13-666D76E1E34D", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*", matchCriteriaId: "97E29CCC-4E21-411E-80DD-545A66E9B042", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*", matchCriteriaId: "66759867-027F-4FA6-ABA6-BFDEE49E8F8D", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_2200:-:*:*:*:*:*:*:*", matchCriteriaId: "82032E41-EE2D-4DC4-8420-6BFE92593061", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*", matchCriteriaId: "AA561E2A-4787-48D7-ABBB-26D0D7D24E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_3030:-:*:*:*:*:*:*:*", matchCriteriaId: "88F83471-9806-4169-937E-27BDF3FC5A57", vulnerable: false, }, { criteria: "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*", matchCriteriaId: "453696F2-0F4C-4000-A438-F814D0FC3504", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.", }, { lang: "es", value: "Vulnerabilidad en Wind River VxWorks en versiones anteriores a 5.5.1, 6.5.x hasta la versión 6.7.x en versiones anteriores a 6.7.1.1, 6.8.x hasta la versión 6.8.3, 6.9.x en versiones anteriores a 6.9.4.4 y 7.x en versiones anteriores a 7 ipnet_coreip 1.2.2.0, tal como se utiliza en dispositivos Schneider Electric SAGE RTU en versiones anteriores a J2 y otros dispositivos, no genera correctamente valores del número inicial de secuencia (ISN) de TCP, lo que hace que sea más fácil para los atacantes remotos falsificar las sesiones TCP al predecir un valor ISN.", }, ], id: "CVE-2015-3963", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-08-04T01:59:07.357", references: [ { source: "ics-cert@hq.dhs.gov", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75302", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032730", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033181", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20160324-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75302", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032730", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1033181", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20160324-0001/", }, ], sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-330", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-03-20 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", matchCriteriaId: "9AB372D3-5FE7-4432-B1B1-00F0D1039459", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.", }, { lang: "es", value: "El componente WebCLI en Wind River VxWorks v5.5 hasta v6.9 permite a usuarios remotos autenticados provocar una denegación de servicio (caída de la sesión) a través de una cadena de comandos especialmente diseñada.", }, ], id: "CVE-2013-0715", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-20T18:55:01.787", references: [ { source: "vultures@jpcert.or.jp", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN65923092/995359/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN65923092/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN65923092/995359/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN65923092/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000022", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-15 23:15
Modified
2024-11-21 04:55
Severity ?
Summary
IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@aliasrobotics.com | https://github.com/aliasrobotics/RVD/issues/3327 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aliasrobotics/RVD/issues/3327 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:abb:robotware:5.09:*:*:*:*:*:*:*", matchCriteriaId: "C9C363AC-475E-42E1-937B-D34A45AE9E32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:abb:irb140:-:*:*:*:*:*:*:*", matchCriteriaId: "4A6784E9-6C10-4DC4-8CDB-091EFF88BD2F", vulnerable: false, }, { criteria: "cpe:2.3:h:abb:irc5:-:*:*:*:*:*:*:*", matchCriteriaId: "BB3C36DB-C7BB-4EB2-AE54-CE72067D1592", vulnerable: false, }, { criteria: "cpe:2.3:o:windriver:vxworks:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "2490A606-8525-4D45-B0A5-975E125257A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.", }, { lang: "es", value: "IRC5 expone un servidor ftp (puerto 21). Al intentar conseguir acceso, se le solicita una petición de nombre de usuario y contraseña, sin embargo, puede ingresar lo que desee. Mientras el campo no esté vacío, será aceptado", }, ], id: "CVE-2020-10288", lastModified: "2024-11-21T04:55:08.807", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "cve@aliasrobotics.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-15T23:15:11.393", references: [ { source: "cve@aliasrobotics.com", tags: [ "Third Party Advisory", ], url: "https://github.com/aliasrobotics/RVD/issues/3327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/aliasrobotics/RVD/issues/3327", }, ], sourceIdentifier: "cve@aliasrobotics.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "cve@aliasrobotics.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-27 13:15
Modified
2024-11-21 04:55
Severity ?
Summary
The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.8.3:*:*:*:*:*:*:*", matchCriteriaId: "F1D53780-C7DB-4797-A321-B682BCDE9CC2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.", }, { lang: "es", value: "El componente IGMP en VxWorks versiones 6.8.3 parches de CVE del IPNET creados en 2019, tiene una Desreferencia del Puntero NULL.", }, ], id: "CVE-2020-10664", lastModified: "2024-11-21T04:55:47.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-27T13:15:12.287", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-10664", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-10664", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-05 13:22
Modified
2025-04-11 00:51
Severity ?
Summary
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rockwellautomation | 1756-enbt\/a_firmware | 3.2.6 | |
| rockwellautomation | 1756-enbt\/a_firmware | 3.6.1 | |
| windriver | vxworks | * | |
| rockwellautomation | 1756-enbt\/a | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:1756-enbt\\/a_firmware:3.2.6:*:*:*:*:*:*:*", matchCriteriaId: "22C36961-F714-459C-ADF9-107C8EE99115", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:1756-enbt\\/a_firmware:3.6.1:*:*:*:*:*:*:*", matchCriteriaId: "D4B6FA17-2C3D-45F8-B327-8760DD3757CF", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "3F579A94-D4C9-4A16-9A1A-DE62C6F6ADC9", versionEndIncluding: "6.9.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:1756-enbt\\/a:-:*:*:*:*:*:*:*", matchCriteriaId: "0A3DE5C9-82F9-4D92-B735-D85816EE8557", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.", }, { lang: "es", value: "El servicio WDB target agent debug en Wind River VxWorks v6.x, v5.x, y anteriores, como los usados en el Rockwell Automation 1756-ENBT serie A con firmware v3.2.6 y v3.6.1 y otros productos, permiten a atacantes remotos leer o modificar a su elección direcciones de memoria, realizar llamdas a funciones, o administrar tareas a través de peticiones UDP al puerto 17185, relacionado con el comportamiento de CVE-2005-3804.", }, ], id: "CVE-2010-2965", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-05T13:22:29.793", references: [ { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/362332", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2025/Jan/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/362332", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 19:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "D796397A-5CB0-4BF1-A2FD-8943B15751F8", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", matchCriteriaId: "F3497F9B-A721-4289-A49F-A19D0F7F0148", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E7F2B915-D41F-4D3C-A52D-A63AB729716F", versionEndExcluding: "7.59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "2E243199-8506-4F65-9C22-2CBD50208F0D", versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9995922-9A9F-45B0-A982-3BC1D92B76D8", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", matchCriteriaId: "7900C33F-1C31-4A6F-B98C-EF0A8E64F241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FCC4AE0-E5A4-4B83-80E3-037FB836A9DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5144E0-9082-497E-8958-6B85FDDD6C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.", }, { lang: "es", value: "Wind River VxWorks versiones 6.9.4 y vx7, presenta un Desbordamiento de Búfer en el componente TCP (problema 4 de 4). Se presenta una vulnerabilidad de seguridad de IPNET: Confusión de estado de TCP Urgent Pointer debido a una condición de carrera.", }, ], id: "CVE-2019-12263", lastModified: "2024-11-21T04:22:31.140", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T19:15:11.233", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12263", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 19:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "D796397A-5CB0-4BF1-A2FD-8943B15751F8", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", matchCriteriaId: "F3497F9B-A721-4289-A49F-A19D0F7F0148", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E7F2B915-D41F-4D3C-A52D-A63AB729716F", versionEndExcluding: "7.59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "2E243199-8506-4F65-9C22-2CBD50208F0D", versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9995922-9A9F-45B0-A982-3BC1D92B76D8", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", matchCriteriaId: "7900C33F-1C31-4A6F-B98C-EF0A8E64F241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FCC4AE0-E5A4-4B83-80E3-037FB836A9DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5144E0-9082-497E-8958-6B85FDDD6C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.", }, { lang: "es", value: "Wind River VxWorks versiones 6.5, 6.6, 6.7, 6.8, 6.9.3 y 6.9.4, presenta una Pérdida de Memoria en el componente cliente IGMPv3. Se presenta una vulnerabilidad de seguridad de IPNET: Un filtrado de información de IGMP por medio de un reporte de membresía específico de IGMPv3.", }, ], id: "CVE-2019-12265", lastModified: "2024-11-21T04:22:31.523", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T19:15:11.327", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 20:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "D796397A-5CB0-4BF1-A2FD-8943B15751F8", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", matchCriteriaId: "F3497F9B-A721-4289-A49F-A19D0F7F0148", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E7F2B915-D41F-4D3C-A52D-A63AB729716F", versionEndExcluding: "7.59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "2E243199-8506-4F65-9C22-2CBD50208F0D", versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9995922-9A9F-45B0-A982-3BC1D92B76D8", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", matchCriteriaId: "7900C33F-1C31-4A6F-B98C-EF0A8E64F241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FCC4AE0-E5A4-4B83-80E3-037FB836A9DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5144E0-9082-497E-8958-6B85FDDD6C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.", }, { lang: "es", value: "Wind River VxWorks versiones 6.6 hasta vx7, presenta una Fijación de Sesión en el componente TCP. Se trata de una vulnerabilidad de seguridad de IPNET: DoS de la conexión TCP por medio de opciones TCP malformadas.", }, ], id: "CVE-2019-12258", lastModified: "2024-11-21T04:22:30.200", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T20:15:11.410", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-384", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 20:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "326AA5C8-31F6-4107-93AF-1F64C1D9129E", versionEndExcluding: "6.9.4", versionStartIncluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "2E243199-8506-4F65-9C22-2CBD50208F0D", versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E6E95365-D4D4-4666-8DB9-8AF782121CDF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "4732E0B8-AF15-4C24-A3D4-8826E0440FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "A4A621F2-33F1-4DB5-AF4D-BBEAAD7920B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "4732E0B8-AF15-4C24-A3D4-8826E0440FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9995922-9A9F-45B0-A982-3BC1D92B76D8", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", matchCriteriaId: "7900C33F-1C31-4A6F-B98C-EF0A8E64F241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FCC4AE0-E5A4-4B83-80E3-037FB836A9DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5144E0-9082-497E-8958-6B85FDDD6C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.", }, { lang: "es", value: "Wind River VxWorks presenta un desbordamiento de búfer en el componente TCP (problema 1 de 4). Esta es una vulnerabilidad de seguridad de IPNET: TCP Urgent Pointer = 0 que conduce a un desbordamiento de enteros.", }, ], id: "CVE-2019-12255", lastModified: "2024-11-21T04:22:29.610", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T20:15:11.347", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", url: "https://support.f5.com/csp/article/K41190253?utm_source=f5support&%3Butm_medium=RSS", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K41190253?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-25 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "2E27E761-92D8-4A67-8D23-213E0C7BFFC6", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.9", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:-:*:*:*:*:*:*", matchCriteriaId: "69674D4D-2848-46BA-9367-7AA85EE2CD99", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer1:*:*:*:*:*:*", matchCriteriaId: "1052B8F5-1BC4-46B6-A8F1-F1BF9A40DDAF", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer2:*:*:*:*:*:*", matchCriteriaId: "7AABF1E5-DA6B-462D-A047-EC843F94568E", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer3:*:*:*:*:*:*", matchCriteriaId: "4C6D5D36-9CD0-4F54-B486-2FA1ECDFA8A4", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer4:*:*:*:*:*:*", matchCriteriaId: "6D9DC783-9D1E-4478-83DF-CF38774B4CF3", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer5:*:*:*:*:*:*", matchCriteriaId: "AF75490C-3BC7-46C2-9FB6-BBA317185023", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*", matchCriteriaId: "D4810B35-06F6-4971-BE87-A30B1CF58AA0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure.", }, { lang: "es", value: "Se descubrió un problema en Wind River VxWorks 6.9 y 7, que permite que un paquete específicamente manipulado enviado por un servidor Radius pueda causar denegación de servicio durante el procedimiento de acceso a IP Radius.", }, ], id: "CVE-2022-38767", lastModified: "2024-11-21T07:17:02.893", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-25T15:15:10.453", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://windriver.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://windriver.com", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-29 02:15
Modified
2024-11-21 06:49
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*", matchCriteriaId: "D4810B35-06F6-4971-BE87-A30B1CF58AA0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.", }, { lang: "es", value: "En Wind River VxWorks versiones 6.9 y 7, un paquete diseñado específico puede provocar una lectura fuera de límites durante un escenario de intercambio inicial de IKE", }, ], id: "CVE-2022-23937", lastModified: "2024-11-21T06:49:29.540", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-29T02:15:07.187", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&pg=21#list", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&pg=21#list", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-03-20 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", matchCriteriaId: "9AB372D3-5FE7-4432-B1B1-00F0D1039459", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.", }, { lang: "es", value: "IPSSH (también conocido servidor SSH) en Wind River VxWorks v6.5 hasta v6.9 permite a atacantes remotos causar una denegación de servicios (parada del demonio) a través de una petición de autenticación manipulada.", }, ], id: "CVE-2013-0711", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-20T18:55:01.700", references: [ { source: "vultures@jpcert.or.jp", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN45545972/995359/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN45545972/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000018", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN45545972/995359/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN45545972/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000018", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-03-20 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", matchCriteriaId: "9AB372D3-5FE7-4432-B1B1-00F0D1039459", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI.", }, { lang: "es", value: "El servidor web en Wind River VxWorks v5.5 hasta v6.9 permite a atacantes remotos causar una denegación de servicios (caída del demonio) a través de una URI manipulada", }, ], id: "CVE-2013-0716", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-20T18:55:01.807", references: [ { source: "vultures@jpcert.or.jp", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN41022517/995359/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN41022517/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN41022517/995359/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN41022517/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000023", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-05 13:22
Modified
2025-04-11 00:51
Severity ?
Summary
The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "8EB179D9-BA84-4DEA-88DF-AC3D0DE76EE1", versionEndIncluding: "6.8", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", matchCriteriaId: "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", matchCriteriaId: "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*", matchCriteriaId: "91724364-0D8C-4FC2-9AA6-1ADCEDE86DE8", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", matchCriteriaId: "1F452ABB-0174-4EC5-A82B-9D1164EBB163", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.", }, { lang: "es", value: "La funcionalidad INCLUDE_SECURITY en Wind River VxWorks v6.x, v5.x, y anteriores usa los parámetros LOGIN_USER_NAME y LOGIN_USER_PASSWORD (conocido como LOGIN_PASSWORD) para crear credenciales fijas, que sea fácil para atacantes remotos obtener acceso a través de sesiones (1) telnet, (2) rlogin, o (3) FTP.", }, ], id: "CVE-2010-2966", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-05T13:22:29.827", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/840249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/840249", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-255", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-12 11:15
Modified
2024-11-21 05:26
Severity ?
Summary
An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "2E27E761-92D8-4A67-8D23-213E0C7BFFC6", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.9", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "DB07AF57-0F8D-4DCD-80DA-64096674F017", versionEndExcluding: "21.03", versionStartIncluding: "7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:-:*:*:*:*:*:*", matchCriteriaId: "69674D4D-2848-46BA-9367-7AA85EE2CD99", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer1:*:*:*:*:*:*", matchCriteriaId: "1052B8F5-1BC4-46B6-A8F1-F1BF9A40DDAF", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer2:*:*:*:*:*:*", matchCriteriaId: "7AABF1E5-DA6B-462D-A047-EC843F94568E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*", matchCriteriaId: "8D23D483-D206-46C5-8BFE-4FA23DD8AB52", versionEndIncluding: "46.8.2", versionStartIncluding: "46.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*", matchCriteriaId: "4143A5F6-CD91-4209-A52B-98854CCAC987", versionEndIncluding: "46.9.3", versionStartIncluding: "46.9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_eagle:46.7.0:*:*:*:*:*:*:*", matchCriteriaId: "9FED9166-7A2A-453D-9792-7A6361CEF594", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.", }, { lang: "es", value: "Se detectó un problema en Wind River VxWorks versión 7. El asignador de memoria presenta un posible desbordamiento de enteros al calcular el tamaño de un bloque de memoria que es asignado por una función calloc(). Como resultado, la memoria actual asignada es menor que el tamaño del búfer especificado por los argumentos, conllevando a una corrupción de la memoria", }, ], id: "CVE-2020-35198", lastModified: "2024-11-21T05:26:56.603", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-12T11:15:07.837", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 19:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "D796397A-5CB0-4BF1-A2FD-8943B15751F8", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", matchCriteriaId: "F3497F9B-A721-4289-A49F-A19D0F7F0148", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E7F2B915-D41F-4D3C-A52D-A63AB729716F", versionEndExcluding: "7.59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "4732E0B8-AF15-4C24-A3D4-8826E0440FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "4732E0B8-AF15-4C24-A3D4-8826E0440FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp100", matchCriteriaId: "353C593E-564E-4D53-ABDF-C5A442D944F2", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "4732E0B8-AF15-4C24-A3D4-8826E0440FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:9410_power_meter_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A9304D7-F978-4C0C-99D9-48539B13BF94", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:9410_power_meter:-:*:*:*:*:*:*:*", matchCriteriaId: "C1E5C66B-87B9-494B-AD75-4DCCEC158A4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:9810_power_meter_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3D33EA5A-8CD6-43FA-90C3-E0533BA87A6F", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:9810_power_meter:-:*:*:*:*:*:*:*", matchCriteriaId: "C001993E-5668-42F9-9D77-7A220A167AD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.", }, { lang: "es", value: "Wind River VxWorks versiones 6.6, 6.7 , 6.8, 6.9 y vx7, presenta un error de índice de matriz en el componente cliente IGMPv3. Se presenta una vulnerabilidad de seguridad de IPNET: DoS por medio de una desreferencia de NULL en el análisis IGMP.", }, ], id: "CVE-2019-12259", lastModified: "2024-11-21T04:22:30.387", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T19:15:11.140", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12259", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12259", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-24 17:15
Modified
2024-11-21 06:28
Severity ?
Summary
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "7EF12A2B-57D2-4347-96D3-C7067EAB82CE", versionEndIncluding: "7.0", versionStartIncluding: "6.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.", }, { lang: "es", value: "Se ha detectado un problema en VxWorks versiones 6.9 a 7. En el componente IKE, un paquete específicamente diseñado puede conllevar a una lectura más allá del final de un búfer, o una doble liberación", }, ], id: "CVE-2021-43268", lastModified: "2024-11-21T06:28:57.507", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-24T17:15:08.030", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 21:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "D796397A-5CB0-4BF1-A2FD-8943B15751F8", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", matchCriteriaId: "F3497F9B-A721-4289-A49F-A19D0F7F0148", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E7F2B915-D41F-4D3C-A52D-A63AB729716F", versionEndExcluding: "7.59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "2E243199-8506-4F65-9C22-2CBD50208F0D", versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9995922-9A9F-45B0-A982-3BC1D92B76D8", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", matchCriteriaId: "7900C33F-1C31-4A6F-B98C-EF0A8E64F241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FCC4AE0-E5A4-4B83-80E3-037FB836A9DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5144E0-9082-497E-8958-6B85FDDD6C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*", matchCriteriaId: "243EA2F1-2C91-43FD-8B6D-AA8F20FD7F7F", versionEndIncluding: "46.8.2", versionStartIncluding: "46.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.", }, { lang: "es", value: "Wind River VxWorks versiones 6.9 y vx7, presenta un Desbordamiento de Búfer en el componente TCP (problema 2 de 4). Se trata de una vulnerabilidad de seguridad de IPNET: Confusión de estado de TCP Urgent Pointer causada por una opción AO de TCP malformada.", }, ], id: "CVE-2019-12260", lastModified: "2024-11-21T04:22:30.570", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T21:15:11.000", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-02-07 17:59
Modified
2024-11-21 02:37
Severity ?
Summary
Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "A26082C0-6F92-49E3-A7AC-F4ED7C214EF6", versionEndIncluding: "6.9.4.1", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", matchCriteriaId: "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", matchCriteriaId: "1F452ABB-0174-4EC5-A82B-9D1164EBB163", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.", }, { lang: "es", value: "Desbordamiento de entero en la función _authenticate en svc_auth.c en Wind River VxWorks 5.5 hasta la versión 6.9.4.1, cuando el protocolo Remote Procedure Call (RPC) esta habilitado, permite a atacantes remotos provocar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de un nombre de usuario y contraseña.", }, ], id: "CVE-2015-7599", lastModified: "2024-11-21T02:37:02.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-07T17:59:00.147", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/79205", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20151029-0001/", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/79205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20151029-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-03-20 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", matchCriteriaId: "9AB372D3-5FE7-4432-B1B1-00F0D1039459", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet.", }, { lang: "es", value: "IPSSH (también conocido como el servidor SSH) en Wind River VxWorks v6.5 hasta v6.9 permite a usuarios remotos autenticados provocar una denegación de servicio a través de un paquete especialmente diseñado.", }, ], id: "CVE-2013-0712", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-20T18:55:01.727", references: [ { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN01611135/995359/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN01611135/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000019", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN01611135/995359/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN01611135/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000019", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 18:15
Modified
2024-11-21 04:22
Severity ?
Summary
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "D796397A-5CB0-4BF1-A2FD-8943B15751F8", versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "2E243199-8506-4F65-9C22-2CBD50208F0D", versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "C306A1CA-3A13-4085-A481-25A6B2D2412A", versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "819517C6-9288-45B1-96B0-90B05AA5F3C4", versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "31148F5D-C86F-463D-9A5B-9D82515EF901", versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "24520D09-E8D2-43BE-A4D3-19FE828A4309", versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "DF416ABF-027E-4571-A81C-36280BFAA1F1", versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "70C43F8A-0B85-4042-B691-8FDC841A3C2B", versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "1F26B212-EE89-485A-A414-553C0F39DCA3", versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5213-EA5E-423B-9207-E06AED2917B3", versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "DA6DA86B-D7E7-48E6-B841-206B9501DA67", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", matchCriteriaId: "D0A2A903-3092-40FB-99FE-B864C52D343E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", matchCriteriaId: "E7F2B915-D41F-4D3C-A52D-A63AB729716F", versionEndExcluding: "7.59", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", matchCriteriaId: "00314478-416E-488B-ADBF-DDED873ABE41", versionEndExcluding: "7.91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9995922-9A9F-45B0-A982-3BC1D92B76D8", versionEndExcluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", matchCriteriaId: "7900C33F-1C31-4A6F-B98C-EF0A8E64F241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FCC4AE0-E5A4-4B83-80E3-037FB836A9DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5144E0-9082-497E-8958-6B85FDDD6C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47C998D1-9DD5-4470-9241-174170541408", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", matchCriteriaId: "BD6F6C12-9373-48F2-B576-C9AC7A287B53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8216AFC1-213B-4E31-8660-5161E08A7C4E", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", matchCriteriaId: "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5D7B8D-E74F-4839-8839-23894307992D", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", matchCriteriaId: "63967CFD-D35C-4793-858A-032C44E282F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD25C864-C272-45B7-8EC5-9120DF6A2072", versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", matchCriteriaId: "F7146409-09B7-499C-9544-361B234E952D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "3950CA89-B400-427C-B6F2-54337AB694E0", versionEndIncluding: "07.0.07", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", matchCriteriaId: "D35A90AD-034E-434A-B989-4F871E0AD9A5", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", matchCriteriaId: "76F453AF-21B0-4611-95D7-88AD821632E8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", matchCriteriaId: "BE6A655D-ED55-4344-9F75-5995371C87C3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", matchCriteriaId: "29576107-85D0-4877-875F-7F60EFDB803D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", matchCriteriaId: "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", matchCriteriaId: "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", matchCriteriaId: "641912E2-C368-4438-8D5C-F6615B9FDABC", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", matchCriteriaId: "F86BB5E8-4499-4E4F-AE5E-1471B297C16F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", matchCriteriaId: "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0DFE2E-2356-46D6-B2D9-89FD907CA168", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "FDE06D94-B686-4468-86CF-AA68BB5CFEF4", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "BC6487F7-284A-40C2-B70D-9380AD2A47C1", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", matchCriteriaId: "79354FA2-4C48-4506-94BE-7B9ECB18015D", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", matchCriteriaId: "DED918F8-041E-4FFC-AFE8-484828696EDB", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", matchCriteriaId: "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", matchCriteriaId: "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", matchCriteriaId: "165B837A-EF09-489F-BD7C-54107F491BC8", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", matchCriteriaId: "C06BF302-8E62-41DB-AA67-6369527B598F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", matchCriteriaId: "56D29DAB-C5D6-4539-86E4-43624FB957A9", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", matchCriteriaId: "305A9B3E-786C-4F8E-BE36-B4ED84650288", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", matchCriteriaId: "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "2681FAC3-1E59-497A-9931-F4059F84EF86", versionEndIncluding: "07.5.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", matchCriteriaId: "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", matchCriteriaId: "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "98C84F5B-72F6-4059-B634-80EE072D0DF9", versionEndIncluding: "07.2.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", matchCriteriaId: "5E0562EC-4942-4D14-A634-8A6A5FDB9561", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", matchCriteriaId: "79E8B334-8109-4664-8DCC-10876BD702DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", matchCriteriaId: "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", versionEndIncluding: "05.3.06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", matchCriteriaId: "2D6D7B3E-90AD-43D9-9192-453A37921E8F", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", matchCriteriaId: "771189D9-34F0-400D-938B-2AA218C28C43", vulnerable: false, }, { criteria: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", matchCriteriaId: "3DCF228A-F3A8-4B36-A105-04E88980BA76", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE3BDD99-1DFA-4037-8E77-902F39842153", versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", matchCriteriaId: "E9B635F0-96C1-49DA-957C-2ECD55A316C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.", }, { lang: "es", value: "Wind River VxWorks 6.9 y vx7 tiene un desbordamiento de búfer en el componente IPv4. Existe una vulnerabilidad de seguridad IPNET: desbordamiento de pila en el análisis de las opciones IP de los paquetes IPv4.", }, ], id: "CVE-2019-12256", lastModified: "2024-11-21T04:22:29.823", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T18:15:11.227", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12256", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K41190253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-08-05 13:22
Modified
2025-04-11 00:51
Severity ?
Summary
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "8EB179D9-BA84-4DEA-88DF-AC3D0DE76EE1", versionEndIncluding: "6.8", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", matchCriteriaId: "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", matchCriteriaId: "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*", matchCriteriaId: "91724364-0D8C-4FC2-9AA6-1ADCEDE86DE8", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", matchCriteriaId: "1F452ABB-0174-4EC5-A82B-9D1164EBB163", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.", }, { lang: "es", value: "El algoritmo loginDefaultEncrypt en loginLib en Wind River VxWorks anterior v6.9 no soporta adecuadamente un amplio conjunto de distintas posibilidades de contraseña, lo que hace fácil para atacantes remotos obtner acceso a través de una sesión (1) telnet, (2) rlogin, o (3) FTP.\r\n\r\n", }, ], id: "CVE-2010-2967", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-08-05T13:22:29.857", references: [ { source: "cve@mitre.org", url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/840249", }, { source: "cve@mitre.org", url: "http://www.kb.cert.org/vuls/id/MAPG-863QH9", }, { source: "cve@mitre.org", url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/840249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.kb.cert.org/vuls/id/MAPG-863QH9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033709", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-03-20 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", matchCriteriaId: "9AB372D3-5FE7-4432-B1B1-00F0D1039459", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", matchCriteriaId: "3219535A-64F3-4106-8652-7DD72808AC3D", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", matchCriteriaId: "D930A712-C6C8-4251-8FB5-78E65DF2DFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", matchCriteriaId: "3F36DA7F-6593-4327-A104-2F8829F2ED32", vulnerable: true, }, { criteria: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", matchCriteriaId: "01004955-97D1-4F7E-80D4-4B1509945FBF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request.", }, { lang: "es", value: "IPSSH (también conocido como servidor SSH) en Wind River VxWorks v6.5 hasta v6.9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicios (caída del demonio) a través de una petición de autenticación de clave pública manipulada.", }, ], id: "CVE-2013-0714", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-20T18:55:01.767", references: [ { source: "vultures@jpcert.or.jp", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN20671901/995359/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvn.jp/en/jp/JVN20671901/index.html", }, { source: "vultures@jpcert.or.jp", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000021", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN20671901/995359/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN20671901/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000021", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
var-202104-1057
Vulnerability from variot
An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client. Wind River VxWorks Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1057", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "scalance xf208", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x204 irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x204 irt pro", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "ruggedcom win subscriber station", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance xf204-2", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance xf204-2ba irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x200-4 p irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x408", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance xf201-3p irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x202-2p irt pro", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "simatic rf 182c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x204-2ld ts", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x206-1ld", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance xf204 irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x208 pro", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance xf202-2p irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance xf204", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x204-2ld", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x202-2p irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x204-2ts", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x202-2 irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x212-2", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x224", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x300", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "simatic rf 181 eip", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x216", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x201-3p irt", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x206-1", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x212-2ld", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sinamics perfect harmony gh180", scope: "lt", trust: 1, vendor: "siemens", version: "2022", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.5", }, { model: "scalance x201-3p irt pro", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance xf206-1", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x204-2", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sinamics perfect harmony gh180", scope: "gte", trust: 1, vendor: "siemens", version: "2015", }, { model: "scalance x208", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance x204-2fm", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "6.5", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-005466", }, { db: "NVD", id: "CVE-2021-29998", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win_subscriber_station_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win_subscriber_station:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x200-4_p_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x200-4_p_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204-2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x208_pro_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x208_pro:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_x408_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_rf_181_eip_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_rf_181_eip:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:simatic_rf_182c_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:simatic_rf_182c:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sinamics_perfect_harmony_gh180_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2022", versionStartIncluding: "2015", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sinamics_perfect_harmony_gh180:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-29998", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Mitsubishi Electric reported this vulnerability to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202104-915", }, ], trust: 0.6, }, cve: "CVE-2021-29998", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2021-29998", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-29998", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-29998", trust: 1.8, value: "CRITICAL", }, { author: "CNNVD", id: "CNNVD-202104-915", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2021-29998", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2021-29998", }, { db: "JVNDB", id: "JVNDB-2021-005466", }, { db: "NVD", id: "CVE-2021-29998", }, { db: "CNNVD", id: "CNNVD-202104-915", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client. Wind River VxWorks Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2021-29998", }, { db: "JVNDB", id: "JVNDB-2021-005466", }, { db: "VULMON", id: "CVE-2021-29998", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-29998", trust: 3.3, }, { db: "ICS CERT", id: "ICSA-21-194-12", trust: 1.7, }, { db: "SIEMENS", id: "SSA-560465", trust: 1.7, }, { db: "SIEMENS", id: "SSA-910883", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-22-102-02", trust: 1.5, }, { db: "JVN", id: "JVNVU92475198", trust: 0.8, }, { db: "JVN", id: "JVNVU97764115", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-005466", trust: 0.8, }, { db: "CS-HELP", id: "SB2022071403", trust: 0.6, }, { db: "CS-HELP", id: "SB2022041320", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-915", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-29998", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2021-29998", }, { db: "JVNDB", id: "JVNDB-2021-005466", }, { db: "NVD", id: "CVE-2021-29998", }, { db: "CNNVD", id: "CNNVD-202104-915", }, ], }, id: "VAR-202104-1057", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4991898433333333, }, last_update_date: "2023-12-18T12:15:30.961000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "CVE-2021-29998", trust: 0.8, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2021-29998", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=fc21b995a19e3c9e8671f01654bfbb04", }, ], sources: [ { db: "VULMON", id: "CVE-2021-29998", }, { db: "JVNDB", id: "JVNDB-2021-005466", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-005466", }, { db: "NVD", id: "CVE-2021-29998", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf", }, { trust: 1.7, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-29998", }, { trust: 0.9, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-02", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu92475198/index.html", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu97764115/index.html", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-102-02", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-buffer-overflow-via-dhcp-client-35076", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022041320", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022071403", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-29998", }, { db: "JVNDB", id: "JVNDB-2021-005466", }, { db: "NVD", id: "CVE-2021-29998", }, { db: "CNNVD", id: "CNNVD-202104-915", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2021-29998", }, { db: "JVNDB", id: "JVNDB-2021-005466", }, { db: "NVD", id: "CVE-2021-29998", }, { db: "CNNVD", id: "CNNVD-202104-915", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-13T00:00:00", db: "VULMON", id: "CVE-2021-29998", }, { date: "2021-12-14T00:00:00", db: "JVNDB", id: "JVNDB-2021-005466", }, { date: "2021-04-13T17:15:12.310000", db: "NVD", id: "CVE-2021-29998", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-915", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-04-22T00:00:00", db: "VULMON", id: "CVE-2021-29998", }, { date: "2022-07-15T02:01:00", db: "JVNDB", id: "JVNDB-2021-005466", }, { date: "2022-10-05T16:33:35.343000", db: "NVD", id: "CVE-2021-29998", }, { date: "2022-07-15T00:00:00", db: "CNNVD", id: "CNNVD-202104-915", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-915", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Out-of-bounds write vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2021-005466", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202104-915", }, ], trust: 0.6, }, }
var-201008-1003
Vulnerability from variot
The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. -VxWorks The WDB target agent runs as a task in VxWorks, which is an optional component in the VxWorks configuration that is enabled by default. The WDB Target Agent Debug Service provides read/write access to device memory, allowing calls to functions. It is recommended to reconfigure VxWorks that contain the components required for operations and build the appropriate system image type. It is recommended to remove the WEB target proxy and debug components (INCLUDE_WDB and INCLUDE_DEBUG) and other operating system components that do not need to support the client application. - The HASK algorithm for the standard authentication API under VxWorks is vulnerable to collisions, and attackers with known usernames can access (telnet, rlogin or FTP) services using a standard authentication API (loginDefaultEncrypt(), part of loginLib) in a relative The brute force password is cracked in a short period of time. Since the HASH algorithm is vulnerable to collision, it is not necessary to find the actual password, as long as a string is used to generate the same HASH. For example, when logging in with the default 'target/password', 'y{{{{{SS' will HASH out the same result as 'password'. So you can use 'password' and 'y{{{{{SS' as the password to log in. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network. R7-0034: VxWorks WDB Agent Debug Service Exposure August 2, 2010
-- Rapid7 Customer Protection: Rapid7 NeXpose customers have access to a vulnerability check for this flaw as of the latest update. More information about this check can be found online at:
http://www.rapid7.com/vulndb/lookup/vxworks-wdbrpc-exposed
-- Vulnerability Details: This vulnerability allows remote attackers to read memory, write memory, execute code, and ultimately take complete control of the affected device. This issue affects over 100 different vendors and a multitude of products, both shipping and end-of-life. A spreadsheet of identified products affected by this flaw can be found at the URL below. This index is not comprehensive and not all devices found are still supported.
http://www.metasploit.com/data/confs/bsideslv2010/VxWorksDevices.xls
This flaw occurs due to an insecure setting in the configuration file of the manufacturer's source code. This setting results in a system- debug service being exposed on UDP port 17185. This service does not require authentication to access. More information about this issue can be found at the Metasploit blog:
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
-- Vendor Response: Wind River Systems has notified their customers of the issue and indicated that the WDB agent should be disabled for production builds. CERT has notified every vendor with an identified, shipping product containing this vulnerability. Responses for each specific vendor can be found in the CERT advisory:
http://www.kb.cert.org/vuls/id/362332
-- Disclosure Timeline: 2010-06-02 - Vulnerability reported to CERT for vendor notification 2010-08-02 - Coordinated public release of advisory
-- Credit: This vulnerability had been discovered in specific devices in multiple instances, first by Bennett Todd in 2002 and then Shawn Merdinger in 2005. A comprehensive analysis of all affected devices was conducted by HD Moore in 2010.
-- About Rapid7 Security Rapid7 provides vulnerability management, compliance and penetration testing solutions for Web application, network and database security. In addition to developing the NeXpose Vulnerability Management system, Rapid7 manages the Metasploit Project and is the primary sponsor of the W3AF web assessment tool.
Our vulnerability disclosure policy is available online at:
http://www.rapid7.com/disclosure.jsp
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201008-1003", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5.5", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.4", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.x", }, { model: "vxworks", scope: "lte", trust: 0.8, vendor: "wind river", version: "5.x", }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "6.56.9", }, { model: null, scope: null, trust: 0.6, vendor: "no", version: null, }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "6.8", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "5.5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.4", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "*", }, ], sources: [ { db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3890", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "JVNDB", id: "JVNDB-2010-005613", }, { db: "CNNVD", id: "CNNVD-201008-030", }, { db: "NVD", id: "CVE-2010-2966", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.8", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2010-2966", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "kvnjs", sources: [ { db: "PACKETSTORM", id: "128512", }, ], trust: 0.1, }, cve: "CVE-2010-2966", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 7.8, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2010-2966", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2010-3890", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "0169ca3c-2356-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "bab59964-1fb2-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "7d7367f0-463f-11e9-837f-000c29342cb1", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2010-2966", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2010-3890", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201008-030", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", trust: 0.2, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3890", }, { db: "JVNDB", id: "JVNDB-2010-005613", }, { db: "CNNVD", id: "CNNVD-201008-030", }, { db: "NVD", id: "CVE-2010-2966", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. -VxWorks The WDB target agent runs as a task in VxWorks, which is an optional component in the VxWorks configuration that is enabled by default. The WDB Target Agent Debug Service provides read/write access to device memory, allowing calls to functions. It is recommended to reconfigure VxWorks that contain the components required for operations and build the appropriate system image type. It is recommended to remove the WEB target proxy and debug components (INCLUDE_WDB and INCLUDE_DEBUG) and other operating system components that do not need to support the client application. - The HASK algorithm for the standard authentication API under VxWorks is vulnerable to collisions, and attackers with known usernames can access (telnet, rlogin or FTP) services using a standard authentication API (loginDefaultEncrypt(), part of loginLib) in a relative The brute force password is cracked in a short period of time. Since the HASH algorithm is vulnerable to collision, it is not necessary to find the actual password, as long as a string is used to generate the same HASH. For example, when logging in with the default 'target/password', 'y{{{{{SS' will HASH out the same result as 'password'. So you can use 'password' and 'y{{{{{SS' as the password to log in. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network. R7-0034: VxWorks WDB Agent Debug Service Exposure\nAugust 2, 2010\n\n-- Rapid7 Customer Protection:\nRapid7 NeXpose customers have access to a vulnerability check for this\nflaw as of the latest update. More information about this check can be\nfound online at:\n\n http://www.rapid7.com/vulndb/lookup/vxworks-wdbrpc-exposed\n\n-- Vulnerability Details:\nThis vulnerability allows remote attackers to read memory, write memory,\nexecute code, and ultimately take complete control of the affected\ndevice. This issue affects over 100 different vendors and a multitude of\nproducts, both shipping and end-of-life. A spreadsheet of identified\nproducts affected by this flaw can be found at the URL below. This index\nis not comprehensive and not all devices found are still supported. \n\n http://www.metasploit.com/data/confs/bsideslv2010/VxWorksDevices.xls\n\nThis flaw occurs due to an insecure setting in the configuration file of\nthe manufacturer's source code. This setting results in a system- debug\nservice being exposed on UDP port 17185. This service does not require\nauthentication to access. More information about this issue can be found\nat the Metasploit blog:\n\n http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html\n\n-- Vendor Response:\nWind River Systems has notified their customers of the issue and\nindicated that the WDB agent should be disabled for production builds. \nCERT has notified every vendor with an identified, shipping product\ncontaining this vulnerability. Responses for each specific vendor can be\nfound in the CERT advisory:\n\n http://www.kb.cert.org/vuls/id/362332\n\n-- Disclosure Timeline:\n2010-06-02 - Vulnerability reported to CERT for vendor notification\n2010-08-02 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability had been discovered in specific devices in multiple\ninstances, first by Bennett Todd in 2002 and then Shawn Merdinger in\n2005. A comprehensive analysis of all affected devices was conducted by\nHD Moore in 2010. \n\n-- About Rapid7 Security\nRapid7 provides vulnerability management, compliance and penetration\ntesting solutions for Web application, network and database security. In\naddition to developing the NeXpose Vulnerability Management system,\nRapid7 manages the Metasploit Project and is the primary sponsor of the\nW3AF web assessment tool. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.rapid7.com/disclosure.jsp\n\n", sources: [ { db: "NVD", id: "CVE-2010-2966", }, { db: "JVNDB", id: "JVNDB-2010-005613", }, { db: "CNVD", id: "CNVD-2010-3890", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "92448", }, ], trust: 3.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2010-2966", trust: 3.5, }, { db: "CERT/CC", id: "VU#840249", trust: 3, }, { db: "CNVD", id: "CNVD-2010-3890", trust: 1, }, { db: "CNNVD", id: "CNNVD-201008-030", trust: 1, }, { db: "CNVD", id: "CNVD-2010-1489", trust: 1, }, { db: "JVNDB", id: "JVNDB-2010-005613", trust: 0.8, }, { db: "CERT/CC", id: "VU#362332", trust: 0.7, }, { db: "BID", id: "42114", trust: 0.6, }, { db: "IVD", id: "0169CA3C-2356-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "IVD", id: "BAB59964-1FB2-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "IVD", id: "7D72F2C0-463F-11E9-98F5-000C29342CB1", trust: 0.2, }, { db: "IVD", id: "7D7367F0-463F-11E9-837F-000C29342CB1", trust: 0.2, }, { db: "PACKETSTORM", id: "128512", trust: 0.1, }, { db: "PACKETSTORM", id: "92448", trust: 0.1, }, ], sources: [ { db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3890", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "JVNDB", id: "JVNDB-2010-005613", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "92448", }, { db: "CNNVD", id: "CNNVD-201008-030", }, { db: "NVD", id: "CVE-2010-2966", }, ], }, id: "VAR-201008-1003", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3890", }, { db: "CNVD", id: "CNVD-2010-1489", }, ], trust: 2.48058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 1.4, }, { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3890", }, { db: "CNVD", id: "CNVD-2010-1489", }, ], }, last_update_date: "2024-07-23T20:40:40.038000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://www.windriver.com/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-005613", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-255", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-005613", }, { db: "NVD", id: "CVE-2010-2966", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3, url: "http://www.kb.cert.org/vuls/id/840249", }, { trust: 1.7, url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2966", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2966", }, { trust: 0.6, url: "http://www.kb.cert.org/vuls/id/362332http", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, { trust: 0.1, url: "http://www.rapid7.com/disclosure.jsp", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/362332", }, { trust: 0.1, url: "http://www.rapid7.com/vulndb/lookup/vxworks-wdbrpc-exposed", }, { trust: 0.1, url: "http://www.metasploit.com/data/confs/bsideslv2010/vxworksdevices.xls", }, ], sources: [ { db: "CNVD", id: "CNVD-2010-3890", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "JVNDB", id: "JVNDB-2010-005613", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "92448", }, { db: "CNNVD", id: "CNNVD-201008-030", }, { db: "NVD", id: "CVE-2010-2966", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3890", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "JVNDB", id: "JVNDB-2010-005613", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "92448", }, { db: "CNNVD", id: "CNNVD-201008-030", }, { db: "NVD", id: "CVE-2010-2966", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-05T00:00:00", db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { date: "2010-08-03T00:00:00", db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { date: "2010-08-03T00:00:00", db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { date: "2010-08-05T00:00:00", db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3890", }, { date: "2010-08-03T00:00:00", db: "CNVD", id: "CNVD-2010-1489", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005613", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2010-08-03T17:02:02", db: "PACKETSTORM", id: "92448", }, { date: "2010-08-05T00:00:00", db: "CNNVD", id: "CNNVD-201008-030", }, { date: "2010-08-05T13:22:29.827000", db: "NVD", id: "CVE-2010-2966", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3890", }, { date: "2010-08-03T00:00:00", db: "CNVD", id: "CNVD-2010-1489", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005613", }, { date: "2010-08-06T00:00:00", db: "CNNVD", id: "CNNVD-201008-030", }, { date: "2010-08-05T13:22:29.827000", db: "NVD", id: "CVE-2010-2966", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201008-030", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks INCLUDE_SECURITY Feature Trust Management Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2010-3890", }, { db: "CNNVD", id: "CNNVD-201008-030", }, ], trust: 1.2, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Trust management", sources: [ { db: "IVD", id: "0169ca3c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7367f0-463f-11e9-837f-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201008-030", }, ], trust: 1, }, }
var-201908-0712
Vulnerability from variot
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. An attacker could exploit the vulnerability to execute code. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Wind River Systems VxWorks Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. A successful exploit could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0712", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.6, vendor: "sonicos", version: "*", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "siprotec 5", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "e-series santricity os controller", scope: "gte", trust: 1, vendor: "netapp", version: "8.00", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "power meter 9410", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "power meter 9810", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "e-series santricity os controller", scope: "lte", trust: 1, vendor: "netapp", version: "8.40.50.00", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: null, trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: null, scope: "eq", trust: 0.6, vendor: "siprotec 5", version: "*", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "CNVD", id: "CNVD-2019-25700", }, { db: "JVNDB", id: "JVNDB-2019-007841", }, { db: "NVD", id: "CVE-2019-12255", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12255", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Zhou Yu", sources: [ { db: "CNNVD", id: "CNNVD-201907-1497", }, ], trust: 0.6, }, cve: "CVE-2019-12255", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-12255", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2019-25700", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-143983", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-12255", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12255", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2019-25700", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201907-1497", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-143983", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-12255", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "CNVD", id: "CNVD-2019-25700", }, { db: "VULHUB", id: "VHN-143983", }, { db: "VULMON", id: "CVE-2019-12255", }, { db: "JVNDB", id: "JVNDB-2019-007841", }, { db: "NVD", id: "CVE-2019-12255", }, { db: "CNNVD", id: "CNNVD-201907-1497", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. An attacker could exploit the vulnerability to execute code. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Wind River Systems VxWorks Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. A successful exploit could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system", sources: [ { db: "NVD", id: "CVE-2019-12255", }, { db: "JVNDB", id: "JVNDB-2019-007841", }, { db: "CNVD", id: "CNVD-2019-25700", }, { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "VULHUB", id: "VHN-143983", }, { db: "VULMON", id: "CVE-2019-12255", }, ], trust: 2.52, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=47233", trust: 0.1, type: "exploit", }, ], sources: [ { db: "VULMON", id: "CVE-2019-12255", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12255", trust: 4.2, }, { db: "PACKETSTORM", id: "154022", trust: 1.8, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.8, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.8, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.8, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1497", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25700", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007841", trust: 0.8, }, { db: "EXPLOIT-DB", id: "47233", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "61D7170C-1DA5-4162-B6EC-A6C8DA8A0466", trust: 0.2, }, { db: "VULHUB", id: "VHN-143983", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-12255", trust: 0.1, }, ], sources: [ { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "CNVD", id: "CNVD-2019-25700", }, { db: "VULHUB", id: "VHN-143983", }, { db: "VULMON", id: "CVE-2019-12255", }, { db: "JVNDB", id: "JVNDB-2019-007841", }, { db: "NVD", id: "CVE-2019-12255", }, { db: "CNNVD", id: "CNNVD-201907-1497", }, ], }, id: "VAR-201908-0712", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "CNVD", id: "CNVD-2019-25700", }, { db: "VULHUB", id: "VHN-143983", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "CNVD", id: "CNVD-2019-25700", }, ], }, last_update_date: "2023-12-18T11:41:27.169000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices Siemens Siemens Security Advisory", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "Wind River Systems VxWorks Patch for Digital Error Vulnerabilities", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172897", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95612", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, { title: "Urgent11-Suricata-LUA-scripts", trust: 0.1, url: "https://github.com/sud0woodo/urgent11-suricata-lua-scripts ", }, { title: "urgent11-poc", trust: 0.1, url: "https://github.com/iweizime/urgent11-poc ", }, { title: "PoC-in-GitHub", trust: 0.1, url: "https://github.com/developer3000s/poc-in-github ", }, { title: "PoC-in-GitHub", trust: 0.1, url: "https://github.com/hectorgie/poc-in-github ", }, { title: "CVE-POC", trust: 0.1, url: "https://github.com/0xt11/cve-poc ", }, { title: "PoC-in-GitHub", trust: 0.1, url: "https://github.com/nomi-sec/poc-in-github ", }, { title: "BleepingComputer", trust: 0.1, url: "https://www.bleepingcomputer.com/news/security/over-100-000-medical-infusion-pumps-vulnerable-to-years-old-critical-bug/", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25700", }, { db: "VULMON", id: "CVE-2019-12255", }, { db: "JVNDB", id: "JVNDB-2019-007841", }, { db: "CNNVD", id: "CNNVD-201907-1497", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-120", trust: 1, }, { problemtype: "Buffer error (CWE-119) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-119", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-143983", }, { db: "JVNDB", id: "JVNDB-2019-007841", }, { db: "NVD", id: "CVE-2019-12255", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://packetstormsecurity.com/files/154022/vxworks-6.8-integer-underflow.html", }, { trust: 2.3, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12255", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12255", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.8, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.8, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 1.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 1.1, url: "https://support.f5.com/csp/article/k41190253?utm_source=f5support&%3butm_medium=rss", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/", }, { trust: 0.7, url: "https://www.exploit-db.com/exploits/47233", }, { trust: 0.6, url: "https://support.f5.com/csp/article/k41190253?utm_source=f5support&utm_medium=rss", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.1, url: "https://support.f5.com/csp/article/k41190253?utm_source=f5support&utm_medium=rss", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12255", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/120.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60681", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/sud0woodo/urgent11-suricata-lua-scripts", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25700", }, { db: "VULHUB", id: "VHN-143983", }, { db: "VULMON", id: "CVE-2019-12255", }, { db: "JVNDB", id: "JVNDB-2019-007841", }, { db: "NVD", id: "CVE-2019-12255", }, { db: "CNNVD", id: "CNNVD-201907-1497", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "CNVD", id: "CNVD-2019-25700", }, { db: "VULHUB", id: "VHN-143983", }, { db: "VULMON", id: "CVE-2019-12255", }, { db: "JVNDB", id: "JVNDB-2019-007841", }, { db: "NVD", id: "CVE-2019-12255", }, { db: "CNNVD", id: "CNNVD-201907-1497", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25700", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143983", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-12255", }, { date: "2019-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-007841", }, { date: "2019-08-09T20:15:11.347000", db: "NVD", id: "CVE-2019-12255", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1497", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25700", }, { date: "2019-10-02T00:00:00", db: "VULHUB", id: "VHN-143983", }, { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2019-12255", }, { date: "2023-11-21T01:10:00", db: "JVNDB", id: "JVNDB-2019-007841", }, { date: "2023-11-07T03:03:30.400000", db: "NVD", id: "CVE-2019-12255", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1497", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1497", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River Systems VxWorks Digital Error Vulnerability", sources: [ { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "CNVD", id: "CNVD-2019-25700", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "61d7170c-1da5-4162-b6ec-a6c8da8a0466", }, { db: "CNNVD", id: "CNNVD-201907-1497", }, ], trust: 0.8, }, }
var-201908-0704
Vulnerability from variot
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. The vulnerability stems from the improper handling of concurrent access when the network system or product is running and concurrent code needs to access shared resources mutually exclusive. There are currently no detailed details of the vulnerability provided. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could cause an Urgent Pointer state confusion, which could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0704", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.4, vendor: "sonicos", version: "*", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "e-series santricity os controller", scope: "gte", trust: 1, vendor: "netapp", version: "8.00", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "power meter 9410", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "power meter 9810", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.59", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "e-series santricity os controller", scope: "lte", trust: 1, vendor: "netapp", version: "8.40.50.00", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: null, trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.4, vendor: "siprotec 5", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9.4", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "7", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { db: "CNVD", id: "CNVD-2019-25708", }, { db: "JVNDB", id: "JVNDB-2019-007851", }, { db: "NVD", id: "CVE-2019-12263", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], versionEndExcluding: "7.59", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12263", }, ], }, cve: "CVE-2019-12263", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 6.8, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-12263", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", exploitabilityScore: 4.9, id: "CNVD-2019-25708", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", exploitabilityScore: 4.9, id: "105f43dd-e73e-463b-843e-0f65bbf82737", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-143992", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.1, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-12263", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12263", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-25708", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201907-1493", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-143992", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2019-12263", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { db: "CNVD", id: "CNVD-2019-25708", }, { db: "VULHUB", id: "VHN-143992", }, { db: "VULMON", id: "CVE-2019-12263", }, { db: "JVNDB", id: "JVNDB-2019-007851", }, { db: "NVD", id: "CVE-2019-12263", }, { db: "CNNVD", id: "CNNVD-201907-1493", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. The vulnerability stems from the improper handling of concurrent access when the network system or product is running and concurrent code needs to access shared resources mutually exclusive. There are currently no detailed details of the vulnerability provided. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could cause an Urgent Pointer state confusion, which could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system", sources: [ { db: "NVD", id: "CVE-2019-12263", }, { db: "JVNDB", id: "JVNDB-2019-007851", }, { db: "CNVD", id: "CNVD-2019-25708", }, { db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { db: "VULHUB", id: "VHN-143992", }, { db: "VULMON", id: "CVE-2019-12263", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12263", trust: 4.2, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.8, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.8, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.8, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1493", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25708", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007851", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "105F43DD-E73E-463B-843E-0F65BBF82737", trust: 0.2, }, { db: "VULHUB", id: "VHN-143992", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-12263", trust: 0.1, }, ], sources: [ { db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { db: "CNVD", id: "CNVD-2019-25708", }, { db: "VULHUB", id: "VHN-143992", }, { db: "VULMON", id: "CVE-2019-12263", }, { db: "JVNDB", id: "JVNDB-2019-007851", }, { db: "NVD", id: "CVE-2019-12263", }, { db: "CNNVD", id: "CNNVD-201907-1493", }, ], }, id: "VAR-201908-0704", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { db: "CNVD", id: "CNVD-2019-25708", }, { db: "VULHUB", id: "VHN-143992", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { db: "CNVD", id: "CNVD-2019-25708", }, ], }, last_update_date: "2023-12-18T10:52:38.218000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices Siemens Siemens Security Advisory", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "Patch for Wind River Systems VxWorks Competition Conditional Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172961", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95608", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, { title: "urgent11-poc", trust: 0.1, url: "https://github.com/iweizime/urgent11-poc ", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25708", }, { db: "VULMON", id: "CVE-2019-12263", }, { db: "JVNDB", id: "JVNDB-2019-007851", }, { db: "CNNVD", id: "CNNVD-201907-1493", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-362", trust: 1, }, { problemtype: "CWE-787", trust: 1, }, { problemtype: "Buffer error (CWE-119) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-119", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-143992", }, { db: "JVNDB", id: "JVNDB-2019-007851", }, { db: "NVD", id: "CVE-2019-12263", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12263", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12263", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.8, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.8, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 1.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/index.html", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12263", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/362.html", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60684", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/iweizime/urgent11-poc", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25708", }, { db: "VULHUB", id: "VHN-143992", }, { db: "VULMON", id: "CVE-2019-12263", }, { db: "JVNDB", id: "JVNDB-2019-007851", }, { db: "NVD", id: "CVE-2019-12263", }, { db: "CNNVD", id: "CNNVD-201907-1493", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { db: "CNVD", id: "CNVD-2019-25708", }, { db: "VULHUB", id: "VHN-143992", }, { db: "VULMON", id: "CVE-2019-12263", }, { db: "JVNDB", id: "JVNDB-2019-007851", }, { db: "NVD", id: "CVE-2019-12263", }, { db: "CNNVD", id: "CNNVD-201907-1493", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25708", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143992", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-12263", }, { date: "2019-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-007851", }, { date: "2019-08-09T19:15:11.233000", db: "NVD", id: "CVE-2019-12263", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1493", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25708", }, { date: "2019-09-10T00:00:00", db: "VULHUB", id: "VHN-143992", }, { date: "2022-08-12T00:00:00", db: "VULMON", id: "CVE-2019-12263", }, { date: "2023-11-21T01:23:00", db: "JVNDB", id: "JVNDB-2019-007851", }, { date: "2022-08-12T18:44:49.107000", db: "NVD", id: "CVE-2019-12263", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1493", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1493", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Buffer error vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2019-007851", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "105f43dd-e73e-463b-843e-0f65bbf82737", }, { db: "CNNVD", id: "CNNVD-201907-1493", }, ], trust: 0.8, }, }
var-201008-0270
Vulnerability from variot
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. VxWorks Authentication API (loginLib) The hash function used in has a deficiency in collision resistance. It is relatively easy to find a string that has the same hash value as a regular password.Authentication by attacker API (loginLib) May be used to access services using. The problem is CVE-2005-3804 May be related toBy a third party UDP An arbitrary memory area may be read or modified, a function call executed, or a task managed through a request to the port. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. -VxWorks The WDB target agent runs as a task in VxWorks, which is an optional component in the VxWorks configuration that is enabled by default. It is recommended to reconfigure VxWorks that contain the components required for operations and build the appropriate system image type. It is recommended to remove the WEB target proxy and debug components (INCLUDE_WDB and INCLUDE_DEBUG) and other operating system components that do not need to support the client application. - The HASK algorithm for the standard authentication API under VxWorks is vulnerable to collisions, and attackers with known usernames can access (telnet, rlogin or FTP) services using a standard authentication API (loginDefaultEncrypt(), part of loginLib) in a relative The brute force password is cracked in a short period of time. Since the HASH algorithm is vulnerable to collision, it is not necessary to find the actual password, as long as a string is used to generate the same HASH. For example, when logging in with the default 'target/password', 'y{{{{{SS' will HASH out the same result as 'password'. So you can use 'password' and 'y{{{{{SS' as the password to log in. Permissions and access control vulnerabilities exist in the WDB Target Agent Debugging Service in Wind River VxWorks 6.x, 5.x and earlier. VxWorks is prone to a remote security-bypass vulnerability. Successful exploits will allow remote attackers to perform debugging tasks on the vulnerable device. The issue affects multiple products from multiple vendors that ship with the VxWorks operating system. NOTE: This issue was previously covered in BID 42114 (VxWorks Multiple Security Vulnerabilities) but has been separated into its own record to better document it. R7-0035: VxWorks Authentication Library Weak Password Hashing August 2, 2010
-- Vulnerability Details: This vulnerability allows remote attackers to bypass the authentication process for the Telnet and FTP services of the VxWorks operating system. This flaw occurs due to an insecure password hashing implementation in the authentication library (loginLib) of the VxWorks operating system. Regardless of what password is set for a particular account, there are a only small number (~210k) of possible hash outputs. Typical passwords consisting of alphanumeric characters and symbols fall within an even smaller range of hash outputs (~8k), making this trivial to brute force over the network. To excaberate matters, loginLib has no support for account lockouts and the FTP daemon does not disconnect clients that consistently fail to authenticate. This reduces the brute force time for the FTP service to approximately 30 minutes.
To demonstrate the hash weakness, the password of "insecure" hashes to the value "Ry99dzRcy9". The hashing algorithm itself is based on an additive sum with a small XOR operation. The resulting sums are then transformed to a printable string, but the range of possible intermediate values is limited and mostly sequential. The entire collision table has been precomputed and will be released in early September as an input file for common brute force tools. More information about the hashing algorithm itself is available at the Metasploit blog post below:
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
There are three requirements for this vulnerability to be exploited:
-
The device must be running at least one service that uses loginLib for authentication. Telnet and FTP do so by default.
-
A valid username must be known to the attacker. This is usually easy to determine through product manuals or a cursory review of the firmware binaries.
-
The target service must be using with default loginLib library and must not have changed the authentication function to point to a custom backend.
A typical VxWorks device will meet all three requirements by default, but customization by the device manufacturer may preclude this from being exploited. In general, if the device displays a VxWorks banner for Telnet or FTP, it is more than likely vulnerable.
-- Vendor Response: Wind River Systems has notified their customers of the issue and suggested that each downstream vendor replace the existing hash implementation with SHA512 or SHA256. The exact extent of the vulnerability and the complete list of affected devices is not known at this time. Example code from Wind River Systems has been supplied to CERT and is included in the advisory below:
http://www.kb.cert.org/vuls/id/840249
-- Disclosure Timeline: 2009-06-02 - Vulnerability reported to CERT for vendor notification 2009-08-02 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by HD Moore
-- About Rapid7 Security Rapid7 provides vulnerability management, compliance and penetration testing solutions for Web application, network and database security. In addition to developing the NeXpose Vulnerability Management system, Rapid7 manages the Metasploit Project and is the primary sponsor of the W3AF web assessment tool.
Our vulnerability disclosure policy is available online at:
http://www.rapid7.com/disclosure.jsp
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201008-0270", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "river systems vxworks through", scope: "eq", trust: 1, vendor: "wind", version: "6.56.9", }, { model: "1756-enbt\\/a", scope: "eq", trust: 1, vendor: "rockwellautomation", version: "3.2.6", }, { model: "1756-enbt\\/a", scope: "eq", trust: 1, vendor: "rockwellautomation", version: "3.6.1", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "6.9.4.12", }, { model: "vxworks", scope: null, trust: 0.8, vendor: "wind river", version: null, }, { model: "1756-enbt series a", scope: null, trust: 0.8, vendor: "rockwell automation", version: null, }, { model: "1756-enbt series a", scope: "eq", trust: 0.8, vendor: "rockwell automation", version: "3.2.6 and 3.6.1", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.x", }, { model: "vxworks", scope: "lte", trust: 0.8, vendor: "wind river", version: "5.x", }, { model: null, scope: null, trust: 0.6, vendor: "no", version: null, }, { model: "1756-enbt series a", scope: null, trust: 0.6, vendor: "rockwellautomation", version: null, }, { model: "phaser 3635mfp", scope: "eq", trust: 0.3, vendor: "xerox", version: "0", }, { model: "river systems vxworks", scope: "eq", trust: 0.3, vendor: "wind", version: "0", }, { model: "oronoco ap600", scope: "eq", trust: 0.3, vendor: "proxim", version: "2.5.5(1070)", }, { model: "oronoco ap600", scope: "eq", trust: 0.3, vendor: "proxim", version: "2.5.3(914)", }, { model: "oronoco ap600", scope: "eq", trust: 0.3, vendor: "proxim", version: "2.5.2(894)", }, { model: "oronoco ap600", scope: "eq", trust: 0.3, vendor: "proxim", version: "2.4.5(758)", }, { model: "oronoco ap600", scope: "eq", trust: 0.3, vendor: "proxim", version: "2.4.11(821)", }, { model: "oronoco ap600", scope: "eq", trust: 0.3, vendor: "proxim", version: "2.2.0(460)", }, { model: "oronoco ap600", scope: "eq", trust: 0.3, vendor: "proxim", version: "2.1.1(403)", }, { model: "oronoco ap600", scope: null, trust: 0.3, vendor: "proxim", version: null, }, { model: "grandslam", scope: "eq", trust: 0.3, vendor: "paradyne", version: "4200", }, { model: "networks wlan access point", scope: "eq", trust: 0.3, vendor: "nortel", version: "2220", }, { model: "networks passport", scope: "eq", trust: 0.3, vendor: "nortel", version: "1100/1150/1200/1250", }, { model: "networks optical trouble ticketing", scope: "eq", trust: 0.3, vendor: "nortel", version: "0", }, { model: "cmts038-007 cmts2.6.0", scope: null, trust: 0.3, vendor: "kathrein", version: null, }, { model: "cmts038-007 cmts2.17.0", scope: null, trust: 0.3, vendor: "kathrein", version: null, }, { model: "cmts038-007 cmts2.14.0", scope: null, trust: 0.3, vendor: "kathrein", version: null, }, { model: "cmts038-007 cmts2.11.0", scope: null, trust: 0.3, vendor: "kathrein", version: null, }, { model: "gaoke co mg6000 voip gateway", scope: "eq", trust: 0.3, vendor: "", version: "0", }, { model: "networks edgeiron 4802f", scope: "eq", trust: 0.3, vendor: "foundry", version: "1.4.8", }, { model: "networks edgeiron 4802f", scope: "eq", trust: 0.3, vendor: "foundry", version: "1.3.7", }, { model: "networks edgeiron 4802f", scope: "eq", trust: 0.3, vendor: "foundry", version: "0", }, { model: "ons 15454sdh", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "ons", scope: "eq", trust: 0.3, vendor: "cisco", version: "154540", }, { model: "ip phone", scope: "eq", trust: 0.3, vendor: "cisco", version: "7920", }, { model: "cadant c3 cmts", scope: "eq", trust: 0.3, vendor: "arris", version: "0", }, { model: "omniswitch 5.1.5.245.r04", scope: null, trust: 0.3, vendor: "alcatel lucent", version: null, }, ], sources: [ { db: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", }, { db: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "CNVD", id: "CNVD-2010-3891", }, { db: "BID", id: "42158", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "JVNDB", id: "JVNDB-2010-005612", }, { db: "CNNVD", id: "CNNVD-201008-029", }, { db: "NVD", id: "CVE-2010-2965", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.9.4.12", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:rockwellautomation:1756-enbt\\/a_firmware:3.2.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:rockwellautomation:1756-enbt\\/a_firmware:3.6.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:rockwellautomation:1756-enbt\\/a:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2010-2965", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "HD Moore", sources: [ { db: "BID", id: "42158", }, ], trust: 0.3, }, cve: "CVE-2010-2965", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 10, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2010-2965", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2010-3891", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "bab59964-1fb2-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "7d738f00-463f-11e9-ac13-000c29342cb1", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "017253fa-2356-11e6-abef-000c29c66e3d", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-45570", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2010-2965", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2010-3891", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201008-029", trust: 0.6, value: "LOW", }, { author: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", trust: 0.2, value: "CRITICAL", }, { author: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-45570", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", }, { db: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2010-3891", }, { db: "VULHUB", id: "VHN-45570", }, { db: "JVNDB", id: "JVNDB-2010-005612", }, { db: "CNNVD", id: "CNNVD-201008-029", }, { db: "NVD", id: "CVE-2010-2965", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. VxWorks Authentication API (loginLib) The hash function used in has a deficiency in collision resistance. It is relatively easy to find a string that has the same hash value as a regular password.Authentication by attacker API (loginLib) May be used to access services using. The problem is CVE-2005-3804 May be related toBy a third party UDP An arbitrary memory area may be read or modified, a function call executed, or a task managed through a request to the port. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. -VxWorks The WDB target agent runs as a task in VxWorks, which is an optional component in the VxWorks configuration that is enabled by default. It is recommended to reconfigure VxWorks that contain the components required for operations and build the appropriate system image type. It is recommended to remove the WEB target proxy and debug components (INCLUDE_WDB and INCLUDE_DEBUG) and other operating system components that do not need to support the client application. - The HASK algorithm for the standard authentication API under VxWorks is vulnerable to collisions, and attackers with known usernames can access (telnet, rlogin or FTP) services using a standard authentication API (loginDefaultEncrypt(), part of loginLib) in a relative The brute force password is cracked in a short period of time. Since the HASH algorithm is vulnerable to collision, it is not necessary to find the actual password, as long as a string is used to generate the same HASH. For example, when logging in with the default 'target/password', 'y{{{{{SS' will HASH out the same result as 'password'. So you can use 'password' and 'y{{{{{SS' as the password to log in. Permissions and access control vulnerabilities exist in the WDB Target Agent Debugging Service in Wind River VxWorks 6.x, 5.x and earlier. VxWorks is prone to a remote security-bypass vulnerability. \nSuccessful exploits will allow remote attackers to perform debugging tasks on the vulnerable device. \nThe issue affects multiple products from multiple vendors that ship with the VxWorks operating system. \nNOTE: This issue was previously covered in BID 42114 (VxWorks Multiple Security Vulnerabilities) but has been separated into its own record to better document it. R7-0035: VxWorks Authentication Library Weak Password Hashing\nAugust 2, 2010\n\n-- Vulnerability Details:\nThis vulnerability allows remote attackers to bypass the authentication\nprocess for the Telnet and FTP services of the VxWorks operating system. \nThis flaw occurs due to an insecure password hashing implementation in\nthe authentication library (loginLib) of the VxWorks operating system. \nRegardless of what password is set for a particular account, there are a\nonly small number (~210k) of possible hash outputs. Typical passwords\nconsisting of alphanumeric characters and symbols fall within an even\nsmaller range of hash outputs (~8k), making this trivial to brute force\nover the network. To excaberate matters, loginLib has no support for\naccount lockouts and the FTP daemon does not disconnect clients that\nconsistently fail to authenticate. This reduces the brute force time for\nthe FTP service to approximately 30 minutes. \n\nTo demonstrate the hash weakness, the password of \"insecure\" hashes to\nthe value \"Ry99dzRcy9\". The hashing algorithm itself is based on an additive sum\nwith a small XOR operation. The resulting sums are then transformed to a\nprintable string, but the range of possible intermediate values is\nlimited and mostly sequential. The entire collision table has been\nprecomputed and will be released in early September as an input file for\ncommon brute force tools. More information about the hashing algorithm\nitself is available at the Metasploit blog post below:\n\n http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html\n\nThere are three requirements for this vulnerability to be exploited:\n\n * The device must be running at least one service that uses loginLib\nfor authentication. Telnet and FTP do so by default. \n\n * A valid username must be known to the attacker. This is usually easy\nto determine through product manuals or a cursory review of the firmware\nbinaries. \n\n * The target service must be using with default loginLib library and\nmust not have changed the authentication function to point to a custom\nbackend. \n\nA typical VxWorks device will meet all three requirements by default,\nbut customization by the device manufacturer may preclude this from\nbeing exploited. In general, if the device displays a VxWorks banner for\nTelnet or FTP, it is more than likely vulnerable. \n\n-- Vendor Response:\nWind River Systems has notified their customers of the issue and\nsuggested that each downstream vendor replace the existing hash\nimplementation with SHA512 or SHA256. The exact extent of the\nvulnerability and the complete list of affected devices is not known at\nthis time. Example code from Wind River Systems has been supplied to\nCERT and is included in the advisory below:\n\n http://www.kb.cert.org/vuls/id/840249\n\n-- Disclosure Timeline:\n2009-06-02 - Vulnerability reported to CERT for vendor notification\n2009-08-02 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by HD Moore\n\n-- About Rapid7 Security\nRapid7 provides vulnerability management, compliance and penetration\ntesting solutions for Web application, network and database security. In\naddition to developing the NeXpose Vulnerability Management system,\nRapid7 manages the Metasploit Project and is the primary sponsor of the\nW3AF web assessment tool. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.rapid7.com/disclosure.jsp\n\n\n", sources: [ { db: "NVD", id: "CVE-2010-2965", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "JVNDB", id: "JVNDB-2010-005612", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "CNVD", id: "CNVD-2010-3891", }, { db: "BID", id: "42158", }, { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", }, { db: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", }, { db: "VULHUB", id: "VHN-45570", }, { db: "PACKETSTORM", id: "92449", }, ], trust: 4.59, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CERT/CC", id: "VU#362332", trust: 4, }, { db: "NVD", id: "CVE-2010-2965", trust: 3.8, }, { db: "CNNVD", id: "CNNVD-201008-029", trust: 1.1, }, { db: "CNVD", id: "CNVD-2010-1489", trust: 1, }, { db: "CNVD", id: "CNVD-2010-3891", trust: 1, }, { db: "CERT/CC", id: "VU#840249", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2010-001882", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2010-005612", trust: 0.8, }, { db: "BID", id: "42114", trust: 0.6, }, { db: "BID", id: "42158", trust: 0.4, }, { db: "IVD", id: "BAB59964-1FB2-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "IVD", id: "7D72F2C0-463F-11E9-98F5-000C29342CB1", trust: 0.2, }, { db: "IVD", id: "7D738F00-463F-11E9-AC13-000C29342CB1", trust: 0.2, }, { db: "IVD", id: "017253FA-2356-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "VULHUB", id: "VHN-45570", trust: 0.1, }, { db: "PACKETSTORM", id: "92449", trust: 0.1, }, ], sources: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", }, { db: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "CNVD", id: "CNVD-2010-3891", }, { db: "VULHUB", id: "VHN-45570", }, { db: "BID", id: "42158", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "JVNDB", id: "JVNDB-2010-005612", }, { db: "PACKETSTORM", id: "92449", }, { db: "CNNVD", id: "CNNVD-201008-029", }, { db: "NVD", id: "CVE-2010-2965", }, ], }, id: "VAR-201008-0270", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", }, { db: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "CNVD", id: "CNVD-2010-3891", }, { db: "VULHUB", id: "VHN-45570", }, ], trust: 2.5176819200000002, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 2, }, ], sources: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", }, { db: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "CNVD", id: "CNVD-2010-3891", }, ], }, last_update_date: "2024-07-23T22:14:01.941000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://windriver.com/", }, { title: "Top Page", trust: 0.8, url: "http://www.rockwellautomation.com/", }, { title: "Top Page", trust: 0.8, url: "http://windriver.com/index.html", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "JVNDB", id: "JVNDB-2010-005612", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-863", trust: 1, }, { problemtype: "CWE-264", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-45570", }, { db: "JVNDB", id: "JVNDB-2010-005612", }, { db: "NVD", id: "CVE-2010-2965", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.4, url: "http://www.kb.cert.org/vuls/id/362332", }, { trust: 2.1, url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { trust: 1.7, url: "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", }, { trust: 1.7, url: "http://www.kb.cert.org/vuls/id/mapg-86epfa", }, { trust: 1.7, url: "http://www.kb.cert.org/vuls/id/mapg-86fpql", }, { trust: 1.7, url: "https://support.windriver.com/olsportal/faces/maintenance/downloaddetails.jspx?contentid=033708", }, { trust: 0.9, url: "http://www.kb.cert.org/vuls/id/840249", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu840249", }, { trust: 0.8, url: "http://www.kb.cert.org/vuls/id/mapg-863qh9", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2965", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2965", }, { trust: 0.6, url: "http://www.kb.cert.org/vuls/id/362332http", }, { trust: 0.3, url: "http://download.schneider-electric.com/files?p_doc_ref=sevd%202013-345-01", }, { trust: 0.3, url: "http://www.windriver.com/", }, { trust: 0.3, url: "/archive/1/512825", }, { trust: 0.1, url: "http://www.rapid7.com/disclosure.jsp", }, ], sources: [ { db: "CNVD", id: "CNVD-2010-1489", }, { db: "CNVD", id: "CNVD-2010-3891", }, { db: "VULHUB", id: "VHN-45570", }, { db: "BID", id: "42158", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "JVNDB", id: "JVNDB-2010-005612", }, { db: "PACKETSTORM", id: "92449", }, { db: "CNNVD", id: "CNNVD-201008-029", }, { db: "NVD", id: "CVE-2010-2965", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", }, { db: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "CNVD", id: "CNVD-2010-3891", }, { db: "VULHUB", id: "VHN-45570", }, { db: "BID", id: "42158", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "JVNDB", id: "JVNDB-2010-005612", }, { db: "PACKETSTORM", id: "92449", }, { db: "CNNVD", id: "CNNVD-201008-029", }, { db: "NVD", id: "CVE-2010-2965", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-03T00:00:00", db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { date: "2010-08-03T00:00:00", db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { date: "2010-08-05T00:00:00", db: "IVD", id: "7d738f00-463f-11e9-ac13-000c29342cb1", }, { date: "2010-08-05T00:00:00", db: "IVD", id: "017253fa-2356-11e6-abef-000c29c66e3d", }, { date: "2010-08-03T00:00:00", db: "CNVD", id: "CNVD-2010-1489", }, { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3891", }, { date: "2010-08-05T00:00:00", db: "VULHUB", id: "VHN-45570", }, { date: "2010-08-02T00:00:00", db: "BID", id: "42158", }, { date: "2010-08-26T00:00:00", db: "JVNDB", id: "JVNDB-2010-001882", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005612", }, { date: "2010-08-03T18:01:12", db: "PACKETSTORM", id: "92449", }, { date: "2010-08-05T00:00:00", db: "CNNVD", id: "CNNVD-201008-029", }, { date: "2010-08-05T13:22:29.793000", db: "NVD", id: "CVE-2010-2965", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-03T00:00:00", db: "CNVD", id: "CNVD-2010-1489", }, { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3891", }, { date: "2010-08-05T00:00:00", db: "VULHUB", id: "VHN-45570", }, { date: "2015-03-19T08:47:00", db: "BID", id: "42158", }, { date: "2010-08-26T00:00:00", db: "JVNDB", id: "JVNDB-2010-001882", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005612", }, { date: "2022-08-08T00:00:00", db: "CNNVD", id: "CNNVD-201008-029", }, { date: "2022-08-05T18:38:58.783000", db: "NVD", id: "CVE-2010-2965", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201008-029", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River Systems VxWorks Authentication API (loginLib) Problems", sources: [ { db: "JVNDB", id: "JVNDB-2010-001882", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "permissions and access control issues", sources: [ { db: "CNNVD", id: "CNNVD-201008-029", }, ], trust: 0.6, }, }
var-202007-0326
Vulnerability from variot
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root. WebCLI is one of the web-based command line interfaces. Attackers can use this vulnerability to bypass access restrictions by sending a specially crafted request
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202007-0326", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "7.0", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "5.5", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "5.5 から 7 sr0640", }, { model: "river systems wind river systems vxworks sr0640", scope: "gte", trust: 0.6, vendor: "wind", version: "5.5,<=7", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-49403", }, { db: "JVNDB", id: "JVNDB-2020-008768", }, { db: "NVD", id: "CVE-2020-11440", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0", versionStartIncluding: "5.5", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:sr0630:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-11440", }, ], }, cve: "CVE-2020-11440", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-008768", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-49403", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-008768", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-11440", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-008768", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-49403", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202007-1399", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-49403", }, { db: "JVNDB", id: "JVNDB-2020-008768", }, { db: "NVD", id: "CVE-2020-11440", }, { db: "CNNVD", id: "CNNVD-202007-1399", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root. WebCLI is one of the web-based command line interfaces. Attackers can use this vulnerability to bypass access restrictions by sending a specially crafted request", sources: [ { db: "NVD", id: "CVE-2020-11440", }, { db: "JVNDB", id: "JVNDB-2020-008768", }, { db: "CNVD", id: "CNVD-2020-49403", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-11440", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-008768", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-49403", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202007-1399", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-49403", }, { db: "JVNDB", id: "JVNDB-2020-008768", }, { db: "NVD", id: "CVE-2020-11440", }, { db: "CNNVD", id: "CNNVD-202007-1399", }, ], }, id: "VAR-202007-0326", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-49403", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-49403", }, ], }, last_update_date: "2023-12-18T12:16:59.047000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "CVE-2020-11440", trust: 0.8, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2020-11440", }, { title: "Top Page", trust: 0.8, url: "https://windriver.com", }, { title: "Patch for Wind River Systems VxWorks WebCLI Information Disclosure Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/228625", }, { title: "Wind River Systems VxWorks WebCLI Repair measures for information disclosure vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=125181", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-49403", }, { db: "JVNDB", id: "JVNDB-2020-008768", }, { db: "CNNVD", id: "CNNVD-202007-1399", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "CWE-200", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-008768", }, { db: "NVD", id: "CVE-2020-11440", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://windriver.com", }, { trust: 1.6, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2020-11440", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-11440", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-11440", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-directory-traversal-via-webcli-32914", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-49403", }, { db: "JVNDB", id: "JVNDB-2020-008768", }, { db: "NVD", id: "CVE-2020-11440", }, { db: "CNNVD", id: "CNNVD-202007-1399", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-49403", }, { db: "JVNDB", id: "JVNDB-2020-008768", }, { db: "NVD", id: "CVE-2020-11440", }, { db: "CNNVD", id: "CNNVD-202007-1399", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-05T00:00:00", db: "CNVD", id: "CNVD-2020-49403", }, { date: "2020-09-24T00:00:00", db: "JVNDB", id: "JVNDB-2020-008768", }, { date: "2020-07-23T14:15:12.167000", db: "NVD", id: "CVE-2020-11440", }, { date: "2020-07-23T00:00:00", db: "CNNVD", id: "CNNVD-202007-1399", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-31T00:00:00", db: "CNVD", id: "CNVD-2020-49403", }, { date: "2020-09-24T00:00:00", db: "JVNDB", id: "JVNDB-2020-008768", }, { date: "2021-07-21T11:39:23.747000", db: "NVD", id: "CVE-2020-11440", }, { date: "2020-07-29T00:00:00", db: "CNNVD", id: "CNNVD-202007-1399", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202007-1399", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River Systems VxWorks WebCLI Information Disclosure Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2020-49403", }, { db: "CNNVD", id: "CNNVD-202007-1399", }, ], trust: 1.2, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "information disclosure", sources: [ { db: "CNNVD", id: "CNNVD-202007-1399", }, ], trust: 0.6, }, }
var-201908-0715
Vulnerability from variot
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on a targeted system. A successful exploit could allow the malicious user to cause a DoS condition on the targeted system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0715", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.4, vendor: "sonicos", version: "*", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "e-series santricity os controller", scope: "gte", trust: 1, vendor: "netapp", version: "8.00", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "power meter 9410", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "power meter 9810", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.59", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "e-series santricity os controller", scope: "lte", trust: 1, vendor: "netapp", version: "8.40.50.00", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: null, trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.4, vendor: "siprotec 5", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "7", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { db: "CNVD", id: "CNVD-2019-25703", }, { db: "JVNDB", id: "JVNDB-2019-007842", }, { db: "NVD", id: "CVE-2019-12258", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], versionEndExcluding: "7.59", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12258", }, ], }, cve: "CVE-2019-12258", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-12258", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9.4, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2019-25703", impactScore: 9.2, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 9.4, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "447d6a09-30fb-4736-bac8-9c0272f13a81", impactScore: 9.2, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-143986", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-12258", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12258", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-25703", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201907-1495", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-143986", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2019-12258", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { db: "CNVD", id: "CNVD-2019-25703", }, { db: "VULHUB", id: "VHN-143986", }, { db: "VULMON", id: "CVE-2019-12258", }, { db: "JVNDB", id: "JVNDB-2019-007842", }, { db: "NVD", id: "CVE-2019-12258", }, { db: "CNNVD", id: "CNNVD-201907-1495", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on a targeted system. A successful exploit could allow the malicious user to cause a DoS condition on the targeted system", sources: [ { db: "NVD", id: "CVE-2019-12258", }, { db: "JVNDB", id: "JVNDB-2019-007842", }, { db: "CNVD", id: "CNVD-2019-25703", }, { db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { db: "VULHUB", id: "VHN-143986", }, { db: "VULMON", id: "CVE-2019-12258", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12258", trust: 4.2, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.8, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.8, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.8, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1495", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25703", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007842", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "447D6A09-30FB-4736-BAC8-9C0272F13A81", trust: 0.2, }, { db: "VULHUB", id: "VHN-143986", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-12258", trust: 0.1, }, ], sources: [ { db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { db: "CNVD", id: "CNVD-2019-25703", }, { db: "VULHUB", id: "VHN-143986", }, { db: "VULMON", id: "CVE-2019-12258", }, { db: "JVNDB", id: "JVNDB-2019-007842", }, { db: "NVD", id: "CVE-2019-12258", }, { db: "CNNVD", id: "CNNVD-201907-1495", }, ], }, id: "VAR-201908-0715", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { db: "CNVD", id: "CNVD-2019-25703", }, { db: "VULHUB", id: "VHN-143986", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { db: "CNVD", id: "CNVD-2019-25703", }, ], }, last_update_date: "2023-12-18T11:44:58.441000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices Siemens Siemens Security Advisory", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "Wind River Systems VxWorks Parameter Denial of Service Vulnerability Patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172949", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95610", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, { title: "urgent11-detector", trust: 0.1, url: "https://github.com/armissecurity/urgent11-detector ", }, { title: "Urgent11-Suricata-LUA-scripts", trust: 0.1, url: "https://github.com/sud0woodo/urgent11-suricata-lua-scripts ", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25703", }, { db: "VULMON", id: "CVE-2019-12258", }, { db: "JVNDB", id: "JVNDB-2019-007842", }, { db: "CNNVD", id: "CNNVD-201907-1495", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-384", trust: 1.1, }, { problemtype: "Session immobilization (CWE-384) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-143986", }, { db: "JVNDB", id: "JVNDB-2019-007842", }, { db: "NVD", id: "CVE-2019-12258", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12258", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.8, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.8, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 1.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.7, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12258", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12258", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/384.html", }, { trust: 0.1, url: "https://github.com/armissecurity/urgent11-detector", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60685", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25703", }, { db: "VULHUB", id: "VHN-143986", }, { db: "VULMON", id: "CVE-2019-12258", }, { db: "JVNDB", id: "JVNDB-2019-007842", }, { db: "NVD", id: "CVE-2019-12258", }, { db: "CNNVD", id: "CNNVD-201907-1495", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { db: "CNVD", id: "CNVD-2019-25703", }, { db: "VULHUB", id: "VHN-143986", }, { db: "VULMON", id: "CVE-2019-12258", }, { db: "JVNDB", id: "JVNDB-2019-007842", }, { db: "NVD", id: "CVE-2019-12258", }, { db: "CNNVD", id: "CNNVD-201907-1495", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25703", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143986", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-12258", }, { date: "2019-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-007842", }, { date: "2019-08-09T20:15:11.410000", db: "NVD", id: "CVE-2019-12258", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1495", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25703", }, { date: "2019-09-10T00:00:00", db: "VULHUB", id: "VHN-143986", }, { date: "2022-08-12T00:00:00", db: "VULMON", id: "CVE-2019-12258", }, { date: "2023-11-21T01:13:00", db: "JVNDB", id: "JVNDB-2019-007842", }, { date: "2022-08-12T18:44:39.313000", db: "NVD", id: "CVE-2019-12258", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1495", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1495", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River Systems VxWorks Parameter Denial of Service Vulnerability", sources: [ { db: "IVD", id: "447d6a09-30fb-4736-bac8-9c0272f13a81", }, { db: "CNVD", id: "CNVD-2019-25703", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "authorization issue", sources: [ { db: "CNNVD", id: "CNNVD-201907-1495", }, ], trust: 0.6, }, }
var-201908-0702
Vulnerability from variot
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. An attacker could exploit the vulnerability to execute code. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. A successful exploit could cause an Urgent Pointer state confusion, which could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0702", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.6, vendor: "sonicos", version: "*", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "e-series santricity os controller", scope: "gte", trust: 1, vendor: "netapp", version: "8.00", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "power meter 9410", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "communications eagle", scope: "lte", trust: 1, vendor: "oracle", version: "46.8.2", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "communications eagle", scope: "gte", trust: 1, vendor: "oracle", version: "46.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "power meter 9810", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.59", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "e-series santricity os controller", scope: "lte", trust: 1, vendor: "netapp", version: "8.40.50.00", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: null, trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.4, vendor: "siprotec 5", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "7", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { db: "CNVD", id: "CNVD-2019-25701", }, { db: "JVNDB", id: "JVNDB-2019-007840", }, { db: "NVD", id: "CVE-2019-12261", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], versionEndExcluding: "7.59", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "46.8.2", versionStartIncluding: "46.6.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12261", }, ], }, cve: "CVE-2019-12261", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-12261", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2019-25701", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-143990", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-12261", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12261", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2019-25701", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201907-1494", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-143990", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-12261", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { db: "CNVD", id: "CNVD-2019-25701", }, { db: "VULHUB", id: "VHN-143990", }, { db: "VULMON", id: "CVE-2019-12261", }, { db: "JVNDB", id: "JVNDB-2019-007840", }, { db: "NVD", id: "CVE-2019-12261", }, { db: "CNNVD", id: "CNNVD-201907-1494", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. An attacker could exploit the vulnerability to execute code. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. A successful exploit could cause an Urgent Pointer state confusion, which could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system", sources: [ { db: "NVD", id: "CVE-2019-12261", }, { db: "JVNDB", id: "JVNDB-2019-007840", }, { db: "CNVD", id: "CNVD-2019-25701", }, { db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { db: "VULHUB", id: "VHN-143990", }, { db: "VULMON", id: "CVE-2019-12261", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12261", trust: 4.2, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.8, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.8, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.8, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1494", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25701", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007840", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "522CCA90-A84A-490A-9F56-4C706BA3F1F5", trust: 0.2, }, { db: "VULHUB", id: "VHN-143990", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-12261", trust: 0.1, }, ], sources: [ { db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { db: "CNVD", id: "CNVD-2019-25701", }, { db: "VULHUB", id: "VHN-143990", }, { db: "VULMON", id: "CVE-2019-12261", }, { db: "JVNDB", id: "JVNDB-2019-007840", }, { db: "NVD", id: "CVE-2019-12261", }, { db: "CNNVD", id: "CNNVD-201907-1494", }, ], }, id: "VAR-201908-0702", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { db: "CNVD", id: "CNVD-2019-25701", }, { db: "VULHUB", id: "VHN-143990", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { db: "CNVD", id: "CNVD-2019-25701", }, ], }, last_update_date: "2023-12-18T11:44:29.111000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices Siemens Siemens Security Advisory", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "Patch for Wind River Systems VxWorks Buffer Overflow Vulnerability (CNVD-2019-25701)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172939", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95609", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, { title: "urgent11-poc", trust: 0.1, url: "https://github.com/iweizime/urgent11-poc ", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25701", }, { db: "VULMON", id: "CVE-2019-12261", }, { db: "JVNDB", id: "JVNDB-2019-007840", }, { db: "CNNVD", id: "CNNVD-201907-1494", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-120", trust: 1, }, { problemtype: "Buffer error (CWE-119) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-119", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-143990", }, { db: "JVNDB", id: "JVNDB-2019-007840", }, { db: "NVD", id: "CVE-2019-12261", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.8, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { trust: 1.7, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12261", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12261", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12261", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/120.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60683", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/iweizime/urgent11-poc", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25701", }, { db: "VULHUB", id: "VHN-143990", }, { db: "VULMON", id: "CVE-2019-12261", }, { db: "JVNDB", id: "JVNDB-2019-007840", }, { db: "NVD", id: "CVE-2019-12261", }, { db: "CNNVD", id: "CNNVD-201907-1494", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { db: "CNVD", id: "CNVD-2019-25701", }, { db: "VULHUB", id: "VHN-143990", }, { db: "VULMON", id: "CVE-2019-12261", }, { db: "JVNDB", id: "JVNDB-2019-007840", }, { db: "NVD", id: "CVE-2019-12261", }, { db: "CNNVD", id: "CNNVD-201907-1494", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25701", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143990", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-12261", }, { date: "2019-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-007840", }, { date: "2019-08-09T21:15:11.093000", db: "NVD", id: "CVE-2019-12261", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1494", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-26T00:00:00", db: "CNVD", id: "CNVD-2019-25701", }, { date: "2020-10-20T00:00:00", db: "VULHUB", id: "VHN-143990", }, { date: "2022-08-12T00:00:00", db: "VULMON", id: "CVE-2019-12261", }, { date: "2023-11-21T01:19:00", db: "JVNDB", id: "JVNDB-2019-007840", }, { date: "2022-08-12T18:44:30.587000", db: "NVD", id: "CVE-2019-12261", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1494", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1494", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Buffer error vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2019-007840", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "522cca90-a84a-490a-9f56-4c706ba3f1f5", }, { db: "CNNVD", id: "CNNVD-201907-1494", }, ], trust: 0.8, }, }
var-201908-0713
Vulnerability from variot
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker could exploit the vulnerability to cause a tNet0 task to crash and execute code with an IPv4 packet with an invalid option. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0713", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.4, vendor: "sonicos", version: "*", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "e-series santricity os controller", scope: "gte", trust: 1, vendor: "netapp", version: "8.00", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "power meter 9410", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "power meter 9810", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.59", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "e-series santricity os controller", scope: "lte", trust: 1, vendor: "netapp", version: "8.40.50.00", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: null, trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.4, vendor: "siprotec 5", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "7", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "CNVD", id: "CNVD-2019-25699", }, { db: "JVNDB", id: "JVNDB-2019-007849", }, { db: "NVD", id: "CVE-2019-12256", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], versionEndExcluding: "7.59", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12256", }, ], }, cve: "CVE-2019-12256", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-12256", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2019-25699", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-143984", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-12256", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12256", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2019-25699", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201907-1499", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-143984", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-12256", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "CNVD", id: "CNVD-2019-25699", }, { db: "VULHUB", id: "VHN-143984", }, { db: "VULMON", id: "CVE-2019-12256", }, { db: "JVNDB", id: "JVNDB-2019-007849", }, { db: "NVD", id: "CVE-2019-12256", }, { db: "CNNVD", id: "CNNVD-201907-1499", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker could exploit the vulnerability to cause a tNet0 task to crash and execute code with an IPv4 packet with an invalid option. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system", sources: [ { db: "NVD", id: "CVE-2019-12256", }, { db: "JVNDB", id: "JVNDB-2019-007849", }, { db: "CNVD", id: "CNVD-2019-25699", }, { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "VULHUB", id: "VHN-143984", }, { db: "VULMON", id: "CVE-2019-12256", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12256", trust: 4.2, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.8, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.8, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.8, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1499", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25699", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007849", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "9FF393B8-DD26-4D3C-8562-AE9A1BB6075F", trust: 0.2, }, { db: "VULHUB", id: "VHN-143984", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-12256", trust: 0.1, }, ], sources: [ { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "CNVD", id: "CNVD-2019-25699", }, { db: "VULHUB", id: "VHN-143984", }, { db: "VULMON", id: "CVE-2019-12256", }, { db: "JVNDB", id: "JVNDB-2019-007849", }, { db: "NVD", id: "CVE-2019-12256", }, { db: "CNNVD", id: "CNNVD-201907-1499", }, ], }, id: "VAR-201908-0713", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "CNVD", id: "CNVD-2019-25699", }, { db: "VULHUB", id: "VHN-143984", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "CNVD", id: "CNVD-2019-25699", }, ], }, last_update_date: "2023-12-18T11:03:27.029000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices Siemens Siemens Security Advisory", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "Patch for Wind River Systems VxWorks Buffer Overflow Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172895", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95614", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, { title: "Urgent11-Suricata-LUA-scripts", trust: 0.1, url: "https://github.com/sud0woodo/urgent11-suricata-lua-scripts ", }, { title: "urgent11-poc", trust: 0.1, url: "https://github.com/iweizime/urgent11-poc ", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25699", }, { db: "VULMON", id: "CVE-2019-12256", }, { db: "JVNDB", id: "JVNDB-2019-007849", }, { db: "CNNVD", id: "CNNVD-201907-1499", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-120", trust: 1, }, { problemtype: "Buffer error (CWE-119) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-119", trust: 0.1, }, { problemtype: "CWE-787", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-143984", }, { db: "JVNDB", id: "JVNDB-2019-007849", }, { db: "NVD", id: "CVE-2019-12256", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.9, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12256", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.8, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12256", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 1.2, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 1.2, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 1.2, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12256", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/120.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60680", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/sud0woodo/urgent11-suricata-lua-scripts", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25699", }, { db: "VULHUB", id: "VHN-143984", }, { db: "VULMON", id: "CVE-2019-12256", }, { db: "JVNDB", id: "JVNDB-2019-007849", }, { db: "NVD", id: "CVE-2019-12256", }, { db: "CNNVD", id: "CNNVD-201907-1499", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "CNVD", id: "CNVD-2019-25699", }, { db: "VULHUB", id: "VHN-143984", }, { db: "VULMON", id: "CVE-2019-12256", }, { db: "JVNDB", id: "JVNDB-2019-007849", }, { db: "NVD", id: "CVE-2019-12256", }, { db: "CNNVD", id: "CNNVD-201907-1499", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25699", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143984", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-12256", }, { date: "2019-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-007849", }, { date: "2019-08-09T18:15:11.227000", db: "NVD", id: "CVE-2019-12256", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1499", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-09-09T00:00:00", db: "CNVD", id: "CNVD-2019-25699", }, { date: "2020-08-24T00:00:00", db: "VULHUB", id: "VHN-143984", }, { date: "2022-08-16T00:00:00", db: "VULMON", id: "CVE-2019-12256", }, { date: "2023-11-21T01:12:00", db: "JVNDB", id: "JVNDB-2019-007849", }, { date: "2022-08-16T13:00:08.227000", db: "NVD", id: "CVE-2019-12256", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1499", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1499", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River Systems VxWorks Buffer Overflow Vulnerability", sources: [ { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "CNVD", id: "CNVD-2019-25699", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "9ff393b8-dd26-4d3c-8562-ae9a1bb6075f", }, { db: "CNNVD", id: "CNNVD-201907-1499", }, ], trust: 0.8, }, }
var-201908-0714
Vulnerability from variot
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. Wind River VxWorks Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. An attacker could exploit the vulnerability to overwrite the heap and execute code. The following products and versions are affected: Wind River Systems VxWorks Version 6.9, Version 6.8, Version 6.7, Version 6.6
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0714", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.4, vendor: "sonicos", version: "*", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "e-series santricity os controller", scope: "gte", trust: 1, vendor: "netapp", version: "8.00", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.59", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "e-series santricity os controller", scope: "lte", trust: 1, vendor: "netapp", version: "8.40.50.00", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.6 to 6.9", }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "siemens", version: null, }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.4, vendor: "siprotec 5", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { db: "CNVD", id: "CNVD-2019-25704", }, { db: "JVNDB", id: "JVNDB-2019-007725", }, { db: "NVD", id: "CVE-2019-12257", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], versionEndExcluding: "7.59", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12257", }, ], }, cve: "CVE-2019-12257", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Adjacent Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5.8, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-12257", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 6.5, id: "CNVD-2019-25704", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 6.5, id: "93543796-4304-43f2-9d14-11a08f3135cc", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, id: "VHN-143985", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:A/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-12257", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12257", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-25704", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201907-1498", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-143985", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { db: "CNVD", id: "CNVD-2019-25704", }, { db: "VULHUB", id: "VHN-143985", }, { db: "JVNDB", id: "JVNDB-2019-007725", }, { db: "NVD", id: "CVE-2019-12257", }, { db: "CNNVD", id: "CNNVD-201907-1498", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. Wind River VxWorks Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. An attacker could exploit the vulnerability to overwrite the heap and execute code. The following products and versions are affected: Wind River Systems VxWorks Version 6.9, Version 6.8, Version 6.7, Version 6.6", sources: [ { db: "NVD", id: "CVE-2019-12257", }, { db: "JVNDB", id: "JVNDB-2019-007725", }, { db: "CNVD", id: "CNVD-2019-25704", }, { db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { db: "VULHUB", id: "VHN-143985", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12257", trust: 3.3, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.7, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.7, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1498", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25704", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007725", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "93543796-4304-43F2-9D14-11A08F3135CC", trust: 0.2, }, { db: "VULHUB", id: "VHN-143985", trust: 0.1, }, ], sources: [ { db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { db: "CNVD", id: "CNVD-2019-25704", }, { db: "VULHUB", id: "VHN-143985", }, { db: "JVNDB", id: "JVNDB-2019-007725", }, { db: "NVD", id: "CVE-2019-12257", }, { db: "CNNVD", id: "CNNVD-201907-1498", }, ], }, id: "VAR-201908-0714", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { db: "CNVD", id: "CNVD-2019-25704", }, { db: "VULHUB", id: "VHN-143985", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { db: "CNVD", id: "CNVD-2019-25704", }, ], }, last_update_date: "2023-12-18T11:30:50.061000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "NTAP-20190802-0001", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "SSA-632562", trust: 0.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { title: "SNWLID-2019-0009", trust: 0.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { title: "SECURITY VULNERABILITY RESPONSE INFORMATION", trust: 0.8, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { title: "CVE-2019-12257", trust: 0.8, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12257", }, { title: "Security Notices", trust: 0.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { title: "Patch for Wind River Systems VxWorks Buffer Overflow Vulnerability (CNVD-2019-25704)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172945", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95613", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25704", }, { db: "JVNDB", id: "JVNDB-2019-007725", }, { db: "CNNVD", id: "CNNVD-201907-1498", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-120", trust: 1, }, { problemtype: "CWE-119", trust: 0.9, }, { problemtype: "CWE-787", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-143985", }, { db: "JVNDB", id: "JVNDB-2019-007725", }, { db: "NVD", id: "CVE-2019-12257", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 2.2, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12257", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.7, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.7, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.7, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.7, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12257", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12257", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12257", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25704", }, { db: "VULHUB", id: "VHN-143985", }, { db: "JVNDB", id: "JVNDB-2019-007725", }, { db: "NVD", id: "CVE-2019-12257", }, { db: "CNNVD", id: "CNNVD-201907-1498", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { db: "CNVD", id: "CNVD-2019-25704", }, { db: "VULHUB", id: "VHN-143985", }, { db: "JVNDB", id: "JVNDB-2019-007725", }, { db: "NVD", id: "CVE-2019-12257", }, { db: "CNNVD", id: "CNNVD-201907-1498", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25704", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143985", }, { date: "2019-08-20T00:00:00", db: "JVNDB", id: "JVNDB-2019-007725", }, { date: "2019-08-09T18:15:11.320000", db: "NVD", id: "CVE-2019-12257", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1498", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25704", }, { date: "2020-08-24T00:00:00", db: "VULHUB", id: "VHN-143985", }, { date: "2019-10-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-007725", }, { date: "2022-08-16T12:59:51.417000", db: "NVD", id: "CVE-2019-12257", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1498", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-201907-1498", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-007725", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "93543796-4304-43f2-9d14-11a08f3135cc", }, { db: "CNNVD", id: "CNNVD-201907-1498", }, ], trust: 0.8, }, }
var-201908-0699
Vulnerability from variot
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. Wind River VxWorks for, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. A code issue vulnerability exists in Wind River Systems VxWorks. The vulnerability stems from a problem of improper design or implementation during the code development process of a network system or product. There are currently no detailed details of the vulnerability provided. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could cause a NULL pointer dereference condition, which could allow the malicious user to cause a DoS condition on the targeted system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0699", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.4, vendor: "sonicos", version: "*", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "9810 power meter", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.59", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "9410 power meter", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: null, trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "7", }, { model: null, scope: "eq", trust: 0.4, vendor: "siprotec 5", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "7", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "CNVD", id: "CNVD-2019-25709", }, { db: "JVNDB", id: "JVNDB-2019-007850", }, { db: "NVD", id: "CVE-2019-12259", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], versionEndExcluding: "7.59", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp100", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:9410_power_meter_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:9410_power_meter:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:9810_power_meter_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:9810_power_meter:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12259", }, ], }, cve: "CVE-2019-12259", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-12259", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, id: "CNVD-2019-25709", impactScore: 7.8, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, id: "6ec2dbcd-d932-4972-91bf-710eff608403", impactScore: 7.8, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-143987", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-12259", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12259", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-25709", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201907-1492", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", trust: 0.2, value: "HIGH", }, { author: "VULHUB", id: "VHN-143987", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2019-12259", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "CNVD", id: "CNVD-2019-25709", }, { db: "VULHUB", id: "VHN-143987", }, { db: "VULMON", id: "CVE-2019-12259", }, { db: "JVNDB", id: "JVNDB-2019-007850", }, { db: "NVD", id: "CVE-2019-12259", }, { db: "CNNVD", id: "CNNVD-201907-1492", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. Wind River VxWorks for, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. A code issue vulnerability exists in Wind River Systems VxWorks. The vulnerability stems from a problem of improper design or implementation during the code development process of a network system or product. There are currently no detailed details of the vulnerability provided. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could cause a NULL pointer dereference condition, which could allow the malicious user to cause a DoS condition on the targeted system", sources: [ { db: "NVD", id: "CVE-2019-12259", }, { db: "JVNDB", id: "JVNDB-2019-007850", }, { db: "CNVD", id: "CNVD-2019-25709", }, { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "VULHUB", id: "VHN-143987", }, { db: "VULMON", id: "CVE-2019-12259", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12259", trust: 4.2, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.8, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.8, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.8, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1492", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25709", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007850", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "6EC2DBCD-D932-4972-91BF-710EFF608403", trust: 0.2, }, { db: "VULHUB", id: "VHN-143987", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-12259", trust: 0.1, }, ], sources: [ { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "CNVD", id: "CNVD-2019-25709", }, { db: "VULHUB", id: "VHN-143987", }, { db: "VULMON", id: "CVE-2019-12259", }, { db: "JVNDB", id: "JVNDB-2019-007850", }, { db: "NVD", id: "CVE-2019-12259", }, { db: "CNNVD", id: "CNNVD-201907-1492", }, ], }, id: "VAR-201908-0699", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "CNVD", id: "CNVD-2019-25709", }, { db: "VULHUB", id: "VHN-143987", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "CNVD", id: "CNVD-2019-25709", }, ], }, last_update_date: "2023-12-18T10:48:37.695000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices Siemens Siemens Security Advisory", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "Wind River Systems VxWorks Code Issue Vulnerability Patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172957", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95607", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25709", }, { db: "VULMON", id: "CVE-2019-12259", }, { db: "JVNDB", id: "JVNDB-2019-007850", }, { db: "CNNVD", id: "CNNVD-201907-1492", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-476", trust: 1.1, }, { problemtype: "NULL Pointer dereference (CWE-476) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-143987", }, { db: "JVNDB", id: "JVNDB-2019-007850", }, { db: "NVD", id: "CVE-2019-12259", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 2.3, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12259", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.8, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12259", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12259", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/476.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60686", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25709", }, { db: "VULHUB", id: "VHN-143987", }, { db: "VULMON", id: "CVE-2019-12259", }, { db: "JVNDB", id: "JVNDB-2019-007850", }, { db: "NVD", id: "CVE-2019-12259", }, { db: "CNNVD", id: "CNNVD-201907-1492", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "CNVD", id: "CNVD-2019-25709", }, { db: "VULHUB", id: "VHN-143987", }, { db: "VULMON", id: "CVE-2019-12259", }, { db: "JVNDB", id: "JVNDB-2019-007850", }, { db: "NVD", id: "CVE-2019-12259", }, { db: "CNNVD", id: "CNNVD-201907-1492", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { date: "2019-08-01T00:00:00", db: "CNVD", id: "CNVD-2019-25709", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143987", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-12259", }, { date: "2019-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-007850", }, { date: "2019-08-09T19:15:11.140000", db: "NVD", id: "CVE-2019-12259", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1492", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25709", }, { date: "2020-09-29T00:00:00", db: "VULHUB", id: "VHN-143987", }, { date: "2022-06-16T00:00:00", db: "VULMON", id: "CVE-2019-12259", }, { date: "2023-11-21T01:15:00", db: "JVNDB", id: "JVNDB-2019-007850", }, { date: "2022-06-16T18:10:14.380000", db: "NVD", id: "CVE-2019-12259", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1492", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1492", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River Systems VxWorks Code Issue Vulnerability", sources: [ { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "CNVD", id: "CNVD-2019-25709", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Code problem", sources: [ { db: "IVD", id: "6ec2dbcd-d932-4972-91bf-710eff608403", }, { db: "CNNVD", id: "CNNVD-201907-1492", }, ], trust: 0.8, }, }
var-201508-0391
Vulnerability from variot
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value. VxWorks is a real-time operating system widely used on ICS-related devices. Schneider Electric SAGE RTU is a series of industrial data communication equipment of French Schneider Electric (Schneider Electric). Wind River VxWorks is a set of embedded real-time operating systems (RTOS) developed by Wind River in the United States.
A security vulnerability exists in Wind River VxWorks used in previous versions of Schneider Electric SAGE RTU equipment J2. The following versions are affected: Wind River VxWorks before 5.5.1, 6.5.x, 6.6.x, 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, and 6.9 before 6.9.4.4. x version, 7.x version before 7 ipnet_coreip 1.2.2.0. An attacker can exploit this issue to gain access to sensitive information, to cause a denial-of-service condition and perform certain unauthorized actions; this may lead to further attacks
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201508-0391", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.8.3", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.7.1.1", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4.4", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.6.4", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.6.4.1", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.6.3", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "vxworks", scope: "eq", trust: 0.9, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 0.9, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 0.9, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 0.9, vendor: "windriver", version: "6.6", }, { model: "sage 1230 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "vxworks", scope: "lt", trust: 0.8, vendor: "wind river", version: "6.7.x", }, { model: "sage 1350 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "sage 1410 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "sage 1330 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "sage 1310 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.9.4.4", }, { model: "vxworks", scope: "lt", trust: 0.8, vendor: "wind river", version: "7.x", }, { model: "sage 2400 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "vxworks", scope: "lt", trust: 0.8, vendor: "wind river", version: "6.9.x", }, { model: "sage 1250 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "7 ipnet_coreip 1.2.2.0", }, { model: "sage 1210 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.5.x from 6.7.1.1", }, { model: "sage 3030 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "sage 1430 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "sage 2200 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "vxworks", scope: "lt", trust: 0.8, vendor: "wind river", version: "6.8.x", }, { model: "sage 1450 rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "sage 3030 magnum rtu", scope: null, trust: 0.8, vendor: "schneider electric", version: null, }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.8.3", }, { model: "river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.x", }, { model: "river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "7.x", }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "6.9.4", }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "5.5", }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "6.5", }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "6.9.3", }, { model: "phaser 3635mfp", scope: "eq", trust: 0.3, vendor: "xerox", version: "0", }, { model: "vxworks", scope: "eq", trust: 0.3, vendor: "windriver", version: "7", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "30300", }, { model: "sage magnum rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "30300", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "24000", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "22000", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "14500", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "14300", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "14100", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "13500", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "13300", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "13100", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "12500", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "12300", }, { model: "sage rtu", scope: "eq", trust: 0.3, vendor: "schneider electric", version: "12100", }, { model: "rtu500 series", scope: "eq", trust: 0.3, vendor: "abb", version: "11.3", }, { model: "phaser 3635mfp", scope: "ne", trust: 0.3, vendor: "xerox", version: "20.105.54.000", }, { model: "vxworks", scope: "ne", trust: 0.3, vendor: "windriver", version: "6.8.3", }, { model: "vxworks", scope: "ne", trust: 0.3, vendor: "windriver", version: "5.5.1", }, { model: "vxworks", scope: "ne", trust: 0.3, vendor: "windriver", version: "6.9.4.4", }, { model: "vxworks", scope: "ne", trust: 0.3, vendor: "windriver", version: "6.7.1.1", }, { model: "vxworks", scope: "ne", trust: 0.3, vendor: "windriver", version: "6.4", }, { model: "vxworks", scope: "ne", trust: 0.3, vendor: "windriver", version: "6.0", }, { model: "sage magnum rtu c3414-500-s02j2", scope: "ne", trust: 0.3, vendor: "schneider electric", version: "3030", }, { model: "sage rtu c3414-500-s02j2", scope: "ne", trust: 0.3, vendor: "schneider electric", version: "2400", }, { model: "sage rtu c3414-500-s02j2", scope: "ne", trust: 0.3, vendor: "schneider electric", version: "1450", }, { model: "sage rtu c3414-500-s02j2", scope: "ne", trust: 0.3, vendor: "schneider electric", version: "1430", }, { model: "sage rtu c3414-500-s02j2", scope: "ne", trust: 0.3, vendor: "schneider electric", version: "1410", }, { model: "rtu500 series", scope: "ne", trust: 0.3, vendor: "abb", version: "11.4.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9.3", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9.4", }, ], sources: [ { db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-03907", }, { db: "BID", id: "75302", }, { db: "JVNDB", id: "JVNDB-2015-004019", }, { db: "NVD", id: "CVE-2015-3963", }, { db: "CNNVD", id: "CNNVD-201507-324", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.6", versionStartIncluding: "6.5", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6.3:*:*:*:cert:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6.4:*:*:*:cert:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6.4.1:*:*:*:cert:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.7.1.1", versionStartIncluding: "6.7", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.8.3", versionStartIncluding: "6.8", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4.4", versionStartIncluding: "6.9", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1210:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1230:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1250:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1310:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1330:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1350:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_2200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_3030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:schneider-electric:sage_3030_magnum:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2015-3963", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "David Formby, and San Shin Jung of Georgia Tech.,Raheem Beyah", sources: [ { db: "CNNVD", id: "CNNVD-201507-324", }, ], trust: 0.6, }, cve: "CVE-2015-3963", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", exploitabilityScore: 8.6, impactScore: 4.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5.8, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2015-3963", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CNVD-2015-03907", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "80541190-2351-11e6-abef-000c29c66e3d", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.9 [IVD]", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-81924", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2015-3963", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2015-03907", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201507-324", trust: 0.6, value: "MEDIUM", }, { author: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", trust: 0.2, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-81924", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-03907", }, { db: "VULHUB", id: "VHN-81924", }, { db: "JVNDB", id: "JVNDB-2015-004019", }, { db: "NVD", id: "CVE-2015-3963", }, { db: "CNNVD", id: "CNNVD-201507-324", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value. VxWorks is a real-time operating system widely used on ICS-related devices. Schneider Electric SAGE RTU is a series of industrial data communication equipment of French Schneider Electric (Schneider Electric). Wind River VxWorks is a set of embedded real-time operating systems (RTOS) developed by Wind River in the United States. \n\nA security vulnerability exists in Wind River VxWorks used in previous versions of Schneider Electric SAGE RTU equipment J2. The following versions are affected: Wind River VxWorks before 5.5.1, 6.5.x, 6.6.x, 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, and 6.9 before 6.9.4.4. x version, 7.x version before 7 ipnet_coreip 1.2.2.0. \nAn attacker can exploit this issue to gain access to sensitive information, to cause a denial-of-service condition and perform certain unauthorized actions; this may lead to further attacks", sources: [ { db: "NVD", id: "CVE-2015-3963", }, { db: "JVNDB", id: "JVNDB-2015-004019", }, { db: "CNVD", id: "CNVD-2015-03907", }, { db: "CNNVD", id: "CNNVD-201507-324", }, { db: "BID", id: "75302", }, { db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { db: "VULHUB", id: "VHN-81924", }, ], trust: 3.24, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2015-3963", trust: 3.6, }, { db: "ICS CERT", id: "ICSA-15-169-01", trust: 3.4, }, { db: "BID", id: "75302", trust: 2.6, }, { db: "SCHNEIDER", id: "SEVD-2015-162-01", trust: 1.7, }, { db: "SECTRACK", id: "1033181", trust: 1.7, }, { db: "SECTRACK", id: "1032730", trust: 1.7, }, { db: "ICS CERT", id: "ICSA-15-169-01A", trust: 1.7, }, { db: "CNVD", id: "CNVD-2015-03907", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201507-324", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2015-004019", trust: 0.8, }, { db: "IVD", id: "80541190-2351-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "VULHUB", id: "VHN-81924", trust: 0.1, }, ], sources: [ { db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-03907", }, { db: "VULHUB", id: "VHN-81924", }, { db: "BID", id: "75302", }, { db: "JVNDB", id: "JVNDB-2015-004019", }, { db: "NVD", id: "CVE-2015-3963", }, { db: "CNNVD", id: "CNNVD-201507-324", }, ], }, id: "VAR-201508-0391", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-03907", }, { db: "VULHUB", id: "VHN-81924", }, ], trust: 1.30669191, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-03907", }, ], }, last_update_date: "2023-12-18T11:00:45.492000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SAGE RTU VxWorks TCP Predictability", trust: 0.8, url: "http://download.schneider-electric.com/files?p_reference=sevd-2015-162-01&p_endoctype=brochure&p_file_id=868067338&p_file_name=sevd-2015-162-01.pdf", }, { title: "SEVD-2015-162-01", trust: 0.8, url: "http://www.schneider-electric.com/ww/en/download/document/sevd-2015-162-01", }, { title: "Top Page", trust: 0.8, url: "http://www.windriver.com/", }, { title: "Wind River VXWorks TCP predictable vulnerability patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/59857", }, { title: "Wind River VxWorks Repair measures for security bypass vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=157616", }, ], sources: [ { db: "CNVD", id: "CNVD-2015-03907", }, { db: "JVNDB", id: "JVNDB-2015-004019", }, { db: "CNNVD", id: "CNNVD-201507-324", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-330", trust: 1, }, { problemtype: "CWE-20", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-81924", }, { db: "JVNDB", id: "JVNDB-2015-004019", }, { db: "NVD", id: "CVE-2015-3963", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.4, url: "https://ics-cert.us-cert.gov/advisories/icsa-15-169-01", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/75302", }, { trust: 1.7, url: "http://www.schneider-electric.com/ww/en/download/document/sevd-2015-162-01", }, { trust: 1.7, url: "https://security.netapp.com/advisory/ntap-20160324-0001/", }, { trust: 1.7, url: "https://ics-cert.us-cert.gov/advisories/icsa-15-169-01a", }, { trust: 1.7, url: "http://www.securitytracker.com/id/1032730", }, { trust: 1.7, url: "http://www.securitytracker.com/id/1033181", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3963", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3963", }, { trust: 0.3, url: "http://www.windriver.com/products/vxworks.html", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/1ddcb-5255ff0558bfd/cert_security_mini-_bulletin_xrx15aw_for_ph3635mfp_v1-0.pdf", }, { trust: 0.3, url: "https://library.e.abb.com/public/03edbe8b0bed400a8b294347be5d66ab/abb_softwarevulnerabilityhandlingadvisory_abb-vu-pgga-1kgt090284.pdf", }, ], sources: [ { db: "CNVD", id: "CNVD-2015-03907", }, { db: "VULHUB", id: "VHN-81924", }, { db: "BID", id: "75302", }, { db: "JVNDB", id: "JVNDB-2015-004019", }, { db: "NVD", id: "CVE-2015-3963", }, { db: "CNNVD", id: "CNNVD-201507-324", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-03907", }, { db: "VULHUB", id: "VHN-81924", }, { db: "BID", id: "75302", }, { db: "JVNDB", id: "JVNDB-2015-004019", }, { db: "NVD", id: "CVE-2015-3963", }, { db: "CNNVD", id: "CNNVD-201507-324", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-06-24T00:00:00", db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { date: "2015-06-24T00:00:00", db: "CNVD", id: "CNVD-2015-03907", }, { date: "2015-08-04T00:00:00", db: "VULHUB", id: "VHN-81924", }, { date: "2015-06-18T00:00:00", db: "BID", id: "75302", }, { date: "2015-08-06T00:00:00", db: "JVNDB", id: "JVNDB-2015-004019", }, { date: "2015-08-04T01:59:07.357000", db: "NVD", id: "CVE-2015-3963", }, { date: "2015-06-18T00:00:00", db: "CNNVD", id: "CNNVD-201507-324", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-06-24T00:00:00", db: "CNVD", id: "CNVD-2015-03907", }, { date: "2017-11-10T00:00:00", db: "VULHUB", id: "VHN-81924", }, { date: "2016-10-26T05:09:00", db: "BID", id: "75302", }, { date: "2015-08-06T00:00:00", db: "JVNDB", id: "JVNDB-2015-004019", }, { date: "2021-07-22T13:09:15.723000", db: "NVD", id: "CVE-2015-3963", }, { date: "2021-07-26T00:00:00", db: "CNNVD", id: "CNNVD-201507-324", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201507-324", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VXWorks TCP Predictable vulnerability", sources: [ { db: "IVD", id: "80541190-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-03907", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "security feature problem", sources: [ { db: "CNNVD", id: "CNNVD-201507-324", }, ], trust: 0.6, }, }
var-201008-0273
Vulnerability from variot
The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. Remote attackers can easily gain access with brute-force attacks
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201008-0273", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.4", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5.5", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: null, trust: 0.8, vendor: "wind river", version: null, }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "6.56.9", }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "6.8", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "5.5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.4", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "*", }, ], sources: [ { db: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3888", }, { db: "JVNDB", id: "JVNDB-2010-005615", }, { db: "NVD", id: "CVE-2010-2968", }, { db: "CNNVD", id: "CNNVD-201008-032", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.8", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2010-2968", }, ], }, cve: "CVE-2010-2968", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 7.8, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2010-2968", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2010-3888", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "01a8494c-2356-11e6-abef-000c29c66e3d", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2010-2968", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2010-3888", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201008-032", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", trust: 0.2, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3888", }, { db: "JVNDB", id: "JVNDB-2010-005615", }, { db: "NVD", id: "CVE-2010-2968", }, { db: "CNNVD", id: "CNNVD-201008-032", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. Remote attackers can easily gain access with brute-force attacks", sources: [ { db: "NVD", id: "CVE-2010-2968", }, { db: "JVNDB", id: "JVNDB-2010-005615", }, { db: "CNVD", id: "CNVD-2010-3888", }, { db: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2010-2968", trust: 3.4, }, { db: "CNVD", id: "CNVD-2010-3888", trust: 1, }, { db: "CNNVD", id: "CNNVD-201008-032", trust: 1, }, { db: "JVNDB", id: "JVNDB-2010-005615", trust: 0.8, }, { db: "IVD", id: "01A8494C-2356-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "IVD", id: "7D7563C0-463F-11E9-A7A0-000C29342CB1", trust: 0.2, }, ], sources: [ { db: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3888", }, { db: "JVNDB", id: "JVNDB-2010-005615", }, { db: "NVD", id: "CVE-2010-2968", }, { db: "CNNVD", id: "CNNVD-201008-032", }, ], }, id: "VAR-201008-0273", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3888", }, ], trust: 1.48058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.4, }, ], sources: [ { db: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3888", }, ], }, last_update_date: "2023-12-18T13:09:48.875000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://www.windriver.com/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-005615", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-264", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-005615", }, { db: "NVD", id: "CVE-2010-2968", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2968", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2968", }, ], sources: [ { db: "CNVD", id: "CNVD-2010-3888", }, { db: "JVNDB", id: "JVNDB-2010-005615", }, { db: "NVD", id: "CVE-2010-2968", }, { db: "CNNVD", id: "CNNVD-201008-032", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3888", }, { db: "JVNDB", id: "JVNDB-2010-005615", }, { db: "NVD", id: "CVE-2010-2968", }, { db: "CNNVD", id: "CNNVD-201008-032", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-05T00:00:00", db: "IVD", id: "01a8494c-2356-11e6-abef-000c29c66e3d", }, { date: "2010-08-05T00:00:00", db: "IVD", id: "7d7563c0-463f-11e9-a7a0-000c29342cb1", }, { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3888", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005615", }, { date: "2010-08-05T13:22:29.887000", db: "NVD", id: "CVE-2010-2968", }, { date: "2010-08-05T00:00:00", db: "CNNVD", id: "CNNVD-201008-032", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3888", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005615", }, { date: "2010-08-05T13:22:29.887000", db: "NVD", id: "CVE-2010-2968", }, { date: "2010-08-06T00:00:00", db: "CNNVD", id: "CNNVD-201008-032", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201008-032", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks FTP Daemon Permissions and Access Control Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2010-3888", }, { db: "CNNVD", id: "CNNVD-201008-032", }, ], trust: 1.2, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "permissions and access control", sources: [ { db: "CNNVD", id: "CNNVD-201008-032", }, ], trust: 0.6, }, }
var-201303-0237
Vulnerability from variot
The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI. The VxWorks Web Server contains a denial-of-service vulnerability. The VxWorks Web Server contains a denial-of-service (DoS) vulnerability. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When a user accesses the VxWorks Web Server using a specially crafted URL, the server may crash. VxWorks is an embedded real-time operating system. Attackers can exploit this issue to crash the application, denying service to legitimate users. VxWorks 5.5 through 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0237", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.5", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "5.5 through 6.9", }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "5.56.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, ], sources: [ { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02010", }, { db: "JVNDB", id: "JVNDB-2013-000023", }, { db: "CNNVD", id: "CNNVD-201303-410", }, { db: "NVD", id: "CVE-2013-0716", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2013-0716", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories", sources: [ { db: "BID", id: "58641", }, ], trust: 0.3, }, cve: "CVE-2013-0716", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "IPA", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2013-000023", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2013-02010", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "09677174-2353-11e6-abef-000c29c66e3d", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.9 [IVD]", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2013-0716", impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "MEDIUM", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2013-0716", trust: 1, value: "MEDIUM", }, { author: "IPA", id: "JVNDB-2013-000023", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2013-02010", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201303-410", trust: 0.6, value: "MEDIUM", }, { author: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", trust: 0.2, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2013-0716", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02010", }, { db: "VULMON", id: "CVE-2013-0716", }, { db: "JVNDB", id: "JVNDB-2013-000023", }, { db: "CNNVD", id: "CNNVD-201303-410", }, { db: "NVD", id: "CVE-2013-0716", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI. The VxWorks Web Server contains a denial-of-service vulnerability. The VxWorks Web Server contains a denial-of-service (DoS) vulnerability. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.When a user accesses the VxWorks Web Server using a specially crafted URL, the server may crash. VxWorks is an embedded real-time operating system. \nAttackers can exploit this issue to crash the application, denying service to legitimate users. \nVxWorks 5.5 through 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network", sources: [ { db: "NVD", id: "CVE-2013-0716", }, { db: "JVNDB", id: "JVNDB-2013-000023", }, { db: "CNVD", id: "CNVD-2013-02010", }, { db: "BID", id: "58641", }, { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "VULMON", id: "CVE-2013-0716", }, { db: "PACKETSTORM", id: "128512", }, ], trust: 2.79, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2013-0716", trust: 3.7, }, { db: "JVNDB", id: "JVNDB-2013-000023", trust: 3.1, }, { db: "JVN", id: "JVN41022517", trust: 2.5, }, { db: "ICS CERT", id: "ICSA-13-091-01", trust: 1.9, }, { db: "CNVD", id: "CNVD-2013-02010", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201303-410", trust: 0.8, }, { db: "JVN", id: "JVN#41022517", trust: 0.6, }, { db: "BID", id: "58641", trust: 0.3, }, { db: "IVD", id: "09677174-2353-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "VULMON", id: "CVE-2013-0716", trust: 0.1, }, { db: "PACKETSTORM", id: "128512", trust: 0.1, }, ], sources: [ { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02010", }, { db: "VULMON", id: "CVE-2013-0716", }, { db: "BID", id: "58641", }, { db: "JVNDB", id: "JVNDB-2013-000023", }, { db: "PACKETSTORM", id: "128512", }, { db: "CNNVD", id: "CNNVD-201303-410", }, { db: "NVD", id: "CVE-2013-0716", }, ], }, id: "VAR-201303-0237", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02010", }, ], trust: 1.28058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02010", }, ], }, last_update_date: "2024-02-13T19:21:45.177000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Information from Wind River Systems", trust: 0.8, url: "http://jvn.jp/en/jp/jvn41022517/995359/index.html", }, { title: "Patch for VxWorks Web Server Denial of Service Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/32974", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-02010", }, { db: "JVNDB", id: "JVNDB-2013-000023", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2013-0716", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "http://jvn.jp/en/jp/jvn41022517/index.html", }, { trust: 1.9, url: "http://ics-cert.us-cert.gov/advisories/icsa-13-091-01", }, { trust: 1.7, url: "http://jvn.jp/en/jp/jvn41022517/995359/index.html", }, { trust: 1.7, url: "http://jvndb.jvn.jp/jvndb/jvndb-2013-000023", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0716", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0716", }, { trust: 0.6, url: "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000023.html", }, { trust: 0.3, url: "http://www.windriver.com/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/20.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-02010", }, { db: "VULMON", id: "CVE-2013-0716", }, { db: "BID", id: "58641", }, { db: "JVNDB", id: "JVNDB-2013-000023", }, { db: "PACKETSTORM", id: "128512", }, { db: "CNNVD", id: "CNNVD-201303-410", }, { db: "NVD", id: "CVE-2013-0716", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02010", }, { db: "VULMON", id: "CVE-2013-0716", }, { db: "BID", id: "58641", }, { db: "JVNDB", id: "JVNDB-2013-000023", }, { db: "PACKETSTORM", id: "128512", }, { db: "CNNVD", id: "CNNVD-201303-410", }, { db: "NVD", id: "CVE-2013-0716", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-02010", }, { date: "2013-03-20T00:00:00", db: "VULMON", id: "CVE-2013-0716", }, { date: "2013-03-18T00:00:00", db: "BID", id: "58641", }, { date: "2013-03-18T00:00:00", db: "JVNDB", id: "JVNDB-2013-000023", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-410", }, { date: "2013-03-20T18:55:01.807000", db: "NVD", id: "CVE-2013-0716", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-05-19T00:00:00", db: "CNVD", id: "CNVD-2013-02010", }, { date: "2013-05-21T00:00:00", db: "VULMON", id: "CVE-2013-0716", }, { date: "2013-04-02T06:57:00", db: "BID", id: "58641", }, { date: "2013-06-25T00:00:00", db: "JVNDB", id: "JVNDB-2013-000023", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-410", }, { date: "2013-05-21T03:23:04.317000", db: "NVD", id: "CVE-2013-0716", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201303-410", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "VxWorks Web Server Denial of Service Vulnerability", sources: [ { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02010", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation", sources: [ { db: "IVD", id: "09677174-2353-11e6-abef-000c29c66e3d", }, { db: "CNNVD", id: "CNNVD-201303-410", }, ], trust: 0.8, }, }
var-201303-0235
Vulnerability from variot
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. In addition, arbitrary code may be executed on the server. VxWorks is an embedded real-time operating system. Wind River VxWorks is a set of real-time operating systems for the Internet of Things developed by Wind River. Vulnerabilities in IPSSH (aka SSH Server) in Wind River VxWorks 6.5 to 6.9. VxWorks is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an affected SSH access to be unavailable, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed. VxWorks 6.5 through version 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0235", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.5", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.5 through 6.9", }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "6.56.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, ], sources: [ { db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02002", }, { db: "JVNDB", id: "JVNDB-2013-000021", }, { db: "NVD", id: "CVE-2013-0714", }, { db: "CNNVD", id: "CNNVD-201303-408", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2013-0714", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd", sources: [ { db: "BID", id: "58642", }, ], trust: 0.3, }, cve: "CVE-2013-0714", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "IPA", availabilityImpact: "Complete", baseScore: 7.8, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2013-000021", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2013-02002", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "09730b60-2353-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2013-0714", trust: 1, value: "HIGH", }, { author: "IPA", id: "JVNDB-2013-000021", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2013-02002", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201303-408", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", trust: 0.2, value: "CRITICAL", }, ], }, ], sources: [ { db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02002", }, { db: "JVNDB", id: "JVNDB-2013-000021", }, { db: "NVD", id: "CVE-2013-0714", }, { db: "CNNVD", id: "CNNVD-201303-408", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. In addition, arbitrary code may be executed on the server. VxWorks is an embedded real-time operating system. Wind River VxWorks is a set of real-time operating systems for the Internet of Things developed by Wind River. \nVulnerabilities in IPSSH (aka SSH Server) in Wind River VxWorks 6.5 to 6.9. VxWorks is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an affected SSH access to be unavailable, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed. \nVxWorks 6.5 through version 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network", sources: [ { db: "NVD", id: "CVE-2013-0714", }, { db: "JVNDB", id: "JVNDB-2013-000021", }, { db: "CNVD", id: "CNVD-2013-02002", }, { db: "CNNVD", id: "CNNVD-201303-408", }, { db: "BID", id: "58642", }, { db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { db: "PACKETSTORM", id: "128512", }, ], trust: 3.24, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2013-0714", trust: 3.6, }, { db: "JVNDB", id: "JVNDB-2013-000021", trust: 3, }, { db: "JVN", id: "JVN20671901", trust: 2.4, }, { db: "ICS CERT", id: "ICSA-13-091-01", trust: 1.8, }, { db: "CNVD", id: "CNVD-2013-02002", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201303-408", trust: 0.8, }, { db: "JVN", id: "JVN#20671901", trust: 0.6, }, { db: "BID", id: "58642", trust: 0.3, }, { db: "IVD", id: "09730B60-2353-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "PACKETSTORM", id: "128512", trust: 0.1, }, ], sources: [ { db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02002", }, { db: "BID", id: "58642", }, { db: "JVNDB", id: "JVNDB-2013-000021", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0714", }, { db: "CNNVD", id: "CNNVD-201303-408", }, ], }, id: "VAR-201303-0235", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02002", }, ], trust: 1.28058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02002", }, ], }, last_update_date: "2023-12-18T11:26:43.385000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Information from Wind River Systems", trust: 0.8, url: "http://jvn.jp/en/jp/jvn20671901/995359/index.html", }, { title: "Patch for VxWorks SSH server (IPSSH) Denial of Service Vulnerability (CNVD-2013-02002)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/32972", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-02002", }, { db: "JVNDB", id: "JVNDB-2013-000021", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2013-0714", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://jvn.jp/en/jp/jvn20671901/index.html", }, { trust: 1.8, url: "http://ics-cert.us-cert.gov/advisories/icsa-13-091-01", }, { trust: 1.6, url: "http://jvn.jp/en/jp/jvn20671901/995359/index.html", }, { trust: 1.6, url: "http://jvndb.jvn.jp/jvndb/jvndb-2013-000021", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0714", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0714", }, { trust: 0.6, url: "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000021.html", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-02002", }, { db: "JVNDB", id: "JVNDB-2013-000021", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0714", }, { db: "CNNVD", id: "CNNVD-201303-408", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02002", }, { db: "BID", id: "58642", }, { db: "JVNDB", id: "JVNDB-2013-000021", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0714", }, { db: "CNNVD", id: "CNNVD-201303-408", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-02002", }, { date: "2013-03-18T00:00:00", db: "BID", id: "58642", }, { date: "2013-03-18T00:00:00", db: "JVNDB", id: "JVNDB-2013-000021", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2013-03-20T18:55:01.767000", db: "NVD", id: "CVE-2013-0714", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-408", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-05-24T00:00:00", db: "CNVD", id: "CNVD-2013-02002", }, { date: "2015-03-19T08:10:00", db: "BID", id: "58642", }, { date: "2013-06-25T00:00:00", db: "JVNDB", id: "JVNDB-2013-000021", }, { date: "2013-05-21T03:23:04.157000", db: "NVD", id: "CVE-2013-0714", }, { date: "2013-04-25T00:00:00", db: "CNNVD", id: "CNNVD-201303-408", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201303-408", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2013-000021", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation", sources: [ { db: "IVD", id: "09730b60-2353-11e6-abef-000c29c66e3d", }, { db: "CNNVD", id: "CNNVD-201303-408", }, ], trust: 0.8, }, }
var-201908-0706
Vulnerability from variot
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. The vulnerability stems from the process of constructing command parameters from external input data. The network system or product does not properly filter the special characters in the parameters. An attacker could exploit the vulnerability to execute an illegal command. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in the IGMPv3 client component of Wind River VxWorks could allow unauthenticated, remote malicious user to access sensitive information on a targeted system.
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0706", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.4, vendor: "sonicos", version: "*", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "e-series santricity os controller", scope: "gte", trust: 1, vendor: "netapp", version: "8.00", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "power meter 9410", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "power meter 9810", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.59", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "e-series santricity os controller", scope: "lte", trust: 1, vendor: "netapp", version: "8.40.50.00", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: null, trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: null, scope: "eq", trust: 0.6, vendor: "siprotec 5", version: "*", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9.3", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9.4", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { db: "CNVD", id: "CNVD-2019-25707", }, { db: "JVNDB", id: "JVNDB-2019-007852", }, { db: "NVD", id: "CVE-2019-12265", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], versionEndExcluding: "7.59", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12265", }, ], }, cve: "CVE-2019-12265", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-12265", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 4.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, id: "CNVD-2019-25707", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 4.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, id: "14a30265-6509-41d2-8c7a-3a278582ea2a", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-143994", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 3.9, impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 5.3, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2019-12265", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12265", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2019-25707", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201907-1489", trust: 0.6, value: "MEDIUM", }, { author: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", trust: 0.2, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-143994", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2019-12265", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { db: "CNVD", id: "CNVD-2019-25707", }, { db: "VULHUB", id: "VHN-143994", }, { db: "VULMON", id: "CVE-2019-12265", }, { db: "JVNDB", id: "JVNDB-2019-007852", }, { db: "NVD", id: "CVE-2019-12265", }, { db: "CNNVD", id: "CNNVD-201907-1489", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. The vulnerability stems from the process of constructing command parameters from external input data. The network system or product does not properly filter the special characters in the parameters. An attacker could exploit the vulnerability to execute an illegal command. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in the IGMPv3 client component of Wind River VxWorks could allow unauthenticated, remote malicious user to access sensitive information on a targeted system. \n\nProof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available", sources: [ { db: "NVD", id: "CVE-2019-12265", }, { db: "JVNDB", id: "JVNDB-2019-007852", }, { db: "CNVD", id: "CNVD-2019-25707", }, { db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { db: "VULHUB", id: "VHN-143994", }, { db: "VULMON", id: "CVE-2019-12265", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12265", trust: 4.2, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.8, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.8, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.8, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1489", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25707", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007852", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "14A30265-6509-41D2-8C7A-3A278582EA2A", trust: 0.2, }, { db: "VULHUB", id: "VHN-143994", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-12265", trust: 0.1, }, ], sources: [ { db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { db: "CNVD", id: "CNVD-2019-25707", }, { db: "VULHUB", id: "VHN-143994", }, { db: "VULMON", id: "CVE-2019-12265", }, { db: "JVNDB", id: "JVNDB-2019-007852", }, { db: "NVD", id: "CVE-2019-12265", }, { db: "CNNVD", id: "CNNVD-201907-1489", }, ], }, id: "VAR-201908-0706", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { db: "CNVD", id: "CNVD-2019-25707", }, { db: "VULHUB", id: "VHN-143994", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { db: "CNVD", id: "CNVD-2019-25707", }, ], }, last_update_date: "2023-12-18T11:30:06.499000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices Siemens Siemens Security Advisory", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "Patch for Wind River Systems VxWorks Parameter Injection Vulnerability (CNVD-2019-25707)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172953", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95604", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25707", }, { db: "VULMON", id: "CVE-2019-12265", }, { db: "JVNDB", id: "JVNDB-2019-007852", }, { db: "CNNVD", id: "CNNVD-201907-1489", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-401", trust: 1.1, }, { problemtype: "resource management issues (CWE-399) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-399", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-143994", }, { db: "JVNDB", id: "JVNDB-2019-007852", }, { db: "NVD", id: "CVE-2019-12265", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12265", }, { trust: 1.8, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.8, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12265", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/index.html", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12265", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/401.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60689", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25707", }, { db: "VULHUB", id: "VHN-143994", }, { db: "VULMON", id: "CVE-2019-12265", }, { db: "JVNDB", id: "JVNDB-2019-007852", }, { db: "NVD", id: "CVE-2019-12265", }, { db: "CNNVD", id: "CNNVD-201907-1489", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { db: "CNVD", id: "CNVD-2019-25707", }, { db: "VULHUB", id: "VHN-143994", }, { db: "VULMON", id: "CVE-2019-12265", }, { db: "JVNDB", id: "JVNDB-2019-007852", }, { db: "NVD", id: "CVE-2019-12265", }, { db: "CNNVD", id: "CNNVD-201907-1489", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25707", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143994", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-12265", }, { date: "2019-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-007852", }, { date: "2019-08-09T19:15:11.327000", db: "NVD", id: "CVE-2019-12265", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1489", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25707", }, { date: "2020-08-24T00:00:00", db: "VULHUB", id: "VHN-143994", }, { date: "2022-08-12T00:00:00", db: "VULMON", id: "CVE-2019-12265", }, { date: "2023-11-21T01:26:00", db: "JVNDB", id: "JVNDB-2019-007852", }, { date: "2022-08-12T18:44:44.460000", db: "NVD", id: "CVE-2019-12265", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1489", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1489", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Vulnerabilities related to resource management in", sources: [ { db: "JVNDB", id: "JVNDB-2019-007852", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Resource management error", sources: [ { db: "IVD", id: "14a30265-6509-41d2-8c7a-3a278582ea2a", }, { db: "CNNVD", id: "CNNVD-201907-1489", }, ], trust: 0.8, }, }
var-201908-0703
Vulnerability from variot
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). (DoS) It may be in a state. An attacker could use this vulnerability to send a reverse ARP response to the affected system to assign a unicast IPv4 address to the target. An attacker could exploit this vulnerability by sending RARP packets that submit malicious input to the targeted system. A successful exploit could allow the malicious user to perform unauthorized actions which could be used to affect the availability and integrity of the system.
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0703", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.9", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.8", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.6", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "7", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "7", }, ], sources: [ { db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { db: "CNVD", id: "CNVD-2019-25702", }, { db: "JVNDB", id: "JVNDB-2019-008557", }, { db: "NVD", id: "CVE-2019-12262", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12262", }, ], }, cve: "CVE-2019-12262", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-12262", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, id: "CNVD-2019-25702", impactScore: 7.8, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 6.5, id: "28b6fd21-74b7-4849-aeb5-514937d68966", impactScore: 7.8, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:C", version: "2.9 [IVD]", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-12262", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12262", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2019-25702", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201907-1491", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", trust: 0.2, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2019-12262", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { db: "CNVD", id: "CNVD-2019-25702", }, { db: "VULMON", id: "CVE-2019-12262", }, { db: "JVNDB", id: "JVNDB-2019-008557", }, { db: "NVD", id: "CVE-2019-12262", }, { db: "CNNVD", id: "CNNVD-201907-1491", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). (DoS) It may be in a state. An attacker could use this vulnerability to send a reverse ARP response to the affected system to assign a unicast IPv4 address to the target. An attacker could exploit this vulnerability by sending RARP packets that submit malicious input to the targeted system. A successful exploit could allow the malicious user to perform unauthorized actions which could be used to affect the availability and integrity of the system. \n\nProof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available", sources: [ { db: "NVD", id: "CVE-2019-12262", }, { db: "JVNDB", id: "JVNDB-2019-008557", }, { db: "CNVD", id: "CNVD-2019-25702", }, { db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { db: "VULMON", id: "CVE-2019-12262", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12262", trust: 4.1, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.7, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.7, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25702", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201907-1491", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-008557", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "28B6FD21-74B7-4849-AEB5-514937D68966", trust: 0.2, }, { db: "VULMON", id: "CVE-2019-12262", trust: 0.1, }, ], sources: [ { db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { db: "CNVD", id: "CNVD-2019-25702", }, { db: "VULMON", id: "CVE-2019-12262", }, { db: "JVNDB", id: "JVNDB-2019-008557", }, { db: "NVD", id: "CVE-2019-12262", }, { db: "CNNVD", id: "CNNVD-201907-1491", }, ], }, id: "VAR-201908-0703", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { db: "CNVD", id: "CNVD-2019-25702", }, ], trust: 1.28913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { db: "CNVD", id: "CNVD-2019-25702", }, ], }, last_update_date: "2023-12-18T11:50:55.006000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "CVE-2019-12262", trust: 0.8, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12262", }, { title: "Patch for Wind River Systems VxWorks Parameter Injection Vulnerability (CNVD-2019-25702)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172951", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95606", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25702", }, { db: "VULMON", id: "CVE-2019-12262", }, { db: "JVNDB", id: "JVNDB-2019-008557", }, { db: "CNNVD", id: "CNNVD-201907-1491", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "Inappropriate access control (CWE-284) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-008557", }, { db: "NVD", id: "CVE-2019-12262", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12262", }, { trust: 1.7, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12262", }, { trust: 1.7, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60687", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25702", }, { db: "VULMON", id: "CVE-2019-12262", }, { db: "JVNDB", id: "JVNDB-2019-008557", }, { db: "NVD", id: "CVE-2019-12262", }, { db: "CNNVD", id: "CNNVD-201907-1491", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { db: "CNVD", id: "CNVD-2019-25702", }, { db: "VULMON", id: "CVE-2019-12262", }, { db: "JVNDB", id: "JVNDB-2019-008557", }, { db: "NVD", id: "CVE-2019-12262", }, { db: "CNNVD", id: "CNNVD-201907-1491", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25702", }, { date: "2019-08-14T00:00:00", db: "VULMON", id: "CVE-2019-12262", }, { date: "2019-09-03T00:00:00", db: "JVNDB", id: "JVNDB-2019-008557", }, { date: "2019-08-14T20:15:11.573000", db: "NVD", id: "CVE-2019-12262", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1491", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25702", }, { date: "2022-06-16T00:00:00", db: "VULMON", id: "CVE-2019-12262", }, { date: "2023-11-21T01:21:00", db: "JVNDB", id: "JVNDB-2019-008557", }, { date: "2022-06-16T18:10:35.597000", db: "NVD", id: "CVE-2019-12262", }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201907-1491", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1491", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks access control vulnerabilities in", sources: [ { db: "JVNDB", id: "JVNDB-2019-008557", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Access control error", sources: [ { db: "IVD", id: "28b6fd21-74b7-4849-aeb5-514937d68966", }, { db: "CNNVD", id: "CNNVD-201907-1491", }, ], trust: 0.8, }, }
var-201303-0236
Vulnerability from variot
The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string. The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability. The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability due to an issue in parsing command strings. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An attacker that can login to a CLI session may cause the current CLI session to crash. VxWorks is an embedded real-time operating system. A denial of service vulnerability exists in VxWorks WebCLI. VxWorks 5.5 through 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0236", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.5", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "5.5 through 6.9", }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "5.56.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, ], sources: [ { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02009", }, { db: "JVNDB", id: "JVNDB-2013-000022", }, { db: "NVD", id: "CVE-2013-0715", }, { db: "CNNVD", id: "CNNVD-201303-409", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2013-0715", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories", sources: [ { db: "BID", id: "58640", }, ], trust: 0.3, }, cve: "CVE-2013-0715", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", exploitabilityScore: 8, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "IPA", availabilityImpact: "Complete", baseScore: 6.8, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2013-000022", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "CNVD-2013-02009", impactScore: 6.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "096d2164-2353-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2013-0715", trust: 1, value: "MEDIUM", }, { author: "IPA", id: "JVNDB-2013-000022", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2013-02009", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201303-409", trust: 0.6, value: "MEDIUM", }, { author: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", trust: 0.2, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02009", }, { db: "JVNDB", id: "JVNDB-2013-000022", }, { db: "NVD", id: "CVE-2013-0715", }, { db: "CNNVD", id: "CNNVD-201303-409", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string. The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability. The VxWorks WebCLI contains a denial-of-service (DoS) vulnerability due to an issue in parsing command strings. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An attacker that can login to a CLI session may cause the current CLI session to crash. VxWorks is an embedded real-time operating system. A denial of service vulnerability exists in VxWorks WebCLI. \nVxWorks 5.5 through 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network", sources: [ { db: "NVD", id: "CVE-2013-0715", }, { db: "JVNDB", id: "JVNDB-2013-000022", }, { db: "CNVD", id: "CNVD-2013-02009", }, { db: "BID", id: "58640", }, { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "PACKETSTORM", id: "128512", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2013-0715", trust: 3.6, }, { db: "JVNDB", id: "JVNDB-2013-000022", trust: 3, }, { db: "JVN", id: "JVN65923092", trust: 2.4, }, { db: "ICS CERT", id: "ICSA-13-091-01", trust: 1.8, }, { db: "CNVD", id: "CNVD-2013-02009", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201303-409", trust: 0.8, }, { db: "JVN", id: "JVN#65923092", trust: 0.6, }, { db: "BID", id: "58640", trust: 0.3, }, { db: "IVD", id: "096D2164-2353-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "PACKETSTORM", id: "128512", trust: 0.1, }, ], sources: [ { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02009", }, { db: "BID", id: "58640", }, { db: "JVNDB", id: "JVNDB-2013-000022", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0715", }, { db: "CNNVD", id: "CNNVD-201303-409", }, ], }, id: "VAR-201303-0236", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02009", }, ], trust: 1.28058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02009", }, ], }, last_update_date: "2023-12-18T11:05:19.138000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Information from Wind River Systems ", trust: 0.8, url: "http://jvn.jp/en/jp/jvn65923092/995359/index.html", }, { title: "Patch for VxWorks WebCLI Denial of Service Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/32973", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-02009", }, { db: "JVNDB", id: "JVNDB-2013-000022", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2013-0715", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://jvn.jp/en/jp/jvn65923092/index.html", }, { trust: 1.8, url: "http://ics-cert.us-cert.gov/advisories/icsa-13-091-01", }, { trust: 1.6, url: "http://jvn.jp/en/jp/jvn65923092/995359/index.html", }, { trust: 1.6, url: "http://jvndb.jvn.jp/jvndb/jvndb-2013-000022", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0715", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0715", }, { trust: 0.6, url: "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000022.html", }, { trust: 0.3, url: "http://www.windriver.com/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-02009", }, { db: "BID", id: "58640", }, { db: "JVNDB", id: "JVNDB-2013-000022", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0715", }, { db: "CNNVD", id: "CNNVD-201303-409", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02009", }, { db: "BID", id: "58640", }, { db: "JVNDB", id: "JVNDB-2013-000022", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0715", }, { db: "CNNVD", id: "CNNVD-201303-409", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-02009", }, { date: "2013-03-18T00:00:00", db: "BID", id: "58640", }, { date: "2013-03-18T00:00:00", db: "JVNDB", id: "JVNDB-2013-000022", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2013-03-20T18:55:01.787000", db: "NVD", id: "CVE-2013-0715", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-409", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-05-26T00:00:00", db: "CNVD", id: "CNVD-2013-02009", }, { date: "2013-04-02T06:47:00", db: "BID", id: "58640", }, { date: "2013-06-25T00:00:00", db: "JVNDB", id: "JVNDB-2013-000022", }, { date: "2013-05-21T03:23:04.237000", db: "NVD", id: "CVE-2013-0715", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-409", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201303-409", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "VxWorks WebCLI Denial of service vulnerability", sources: [ { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-02009", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation", sources: [ { db: "IVD", id: "096d2164-2353-11e6-abef-000c29c66e3d", }, { db: "CNNVD", id: "CNNVD-201303-409", }, ], trust: 0.8, }, }
var-201303-0234
Vulnerability from variot
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Receiving a specially crafted pty request packet may cause SSH access to be unavailable until the next reboot. VxWorks is an embedded real-time operating system. An attacker can cause a denial of service through a specially crafted private request. VxWorks is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an affected SSH access to be unavailable, denying service to legitimate users. VxWorks version 6.5 through version 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0234", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.5", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.5 through 6.9", }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "6.56.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, ], sources: [ { db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01998", }, { db: "JVNDB", id: "JVNDB-2013-000020", }, { db: "NVD", id: "CVE-2013-0713", }, { db: "CNNVD", id: "CNNVD-201303-407", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2013-0713", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd", sources: [ { db: "BID", id: "58639", }, ], trust: 0.3, }, cve: "CVE-2013-0713", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 8, impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "IPA", availabilityImpact: "Complete", baseScore: 6.8, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2013-000020", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "CNVD-2013-01998", impactScore: 6.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "09789d6e-2353-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2013-0713", trust: 1, value: "MEDIUM", }, { author: "IPA", id: "JVNDB-2013-000020", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2013-01998", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201303-407", trust: 0.6, value: "MEDIUM", }, { author: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", trust: 0.2, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01998", }, { db: "JVNDB", id: "JVNDB-2013-000020", }, { db: "NVD", id: "CVE-2013-0713", }, { db: "CNNVD", id: "CNNVD-201303-407", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Receiving a specially crafted pty request packet may cause SSH access to be unavailable until the next reboot. VxWorks is an embedded real-time operating system. An attacker can cause a denial of service through a specially crafted private request. VxWorks is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an affected SSH access to be unavailable, denying service to legitimate users. \nVxWorks version 6.5 through version 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network", sources: [ { db: "NVD", id: "CVE-2013-0713", }, { db: "JVNDB", id: "JVNDB-2013-000020", }, { db: "CNVD", id: "CNVD-2013-01998", }, { db: "BID", id: "58639", }, { db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { db: "PACKETSTORM", id: "128512", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2013-0713", trust: 3.6, }, { db: "JVNDB", id: "JVNDB-2013-000020", trust: 3, }, { db: "JVN", id: "JVN52492830", trust: 2.4, }, { db: "ICS CERT", id: "ICSA-13-091-01", trust: 1.8, }, { db: "CNVD", id: "CNVD-2013-01998", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201303-407", trust: 0.8, }, { db: "JVN", id: "JVN#52492830", trust: 0.6, }, { db: "BID", id: "58639", trust: 0.3, }, { db: "IVD", id: "09789D6E-2353-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "PACKETSTORM", id: "128512", trust: 0.1, }, ], sources: [ { db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01998", }, { db: "BID", id: "58639", }, { db: "JVNDB", id: "JVNDB-2013-000020", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0713", }, { db: "CNNVD", id: "CNNVD-201303-407", }, ], }, id: "VAR-201303-0234", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01998", }, ], trust: 1.28058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01998", }, ], }, last_update_date: "2023-12-18T11:51:25.764000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Information from Wind River Systems", trust: 0.8, url: "http://jvn.jp/en/jp/jvn52492830/995359/index.html", }, { title: "Patch for VxWorks SSH server (IPSSH) Denial of Service Vulnerability (CNVD-2013-01998)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/32971", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-01998", }, { db: "JVNDB", id: "JVNDB-2013-000020", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2013-0713", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://jvn.jp/en/jp/jvn52492830/index.html", }, { trust: 1.8, url: "http://ics-cert.us-cert.gov/advisories/icsa-13-091-01", }, { trust: 1.6, url: "http://jvn.jp/en/jp/jvn52492830/995359/index.html", }, { trust: 1.6, url: "http://jvndb.jvn.jp/jvndb/jvndb-2013-000020", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0713", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0713", }, { trust: 0.6, url: "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000020.html", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-01998", }, { db: "JVNDB", id: "JVNDB-2013-000020", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0713", }, { db: "CNNVD", id: "CNNVD-201303-407", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01998", }, { db: "BID", id: "58639", }, { db: "JVNDB", id: "JVNDB-2013-000020", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0713", }, { db: "CNNVD", id: "CNNVD-201303-407", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-01998", }, { date: "2013-03-18T00:00:00", db: "BID", id: "58639", }, { date: "2013-03-18T00:00:00", db: "JVNDB", id: "JVNDB-2013-000020", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2013-03-20T18:55:01.747000", db: "NVD", id: "CVE-2013-0713", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-407", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-01998", }, { date: "2015-03-19T09:17:00", db: "BID", id: "58639", }, { date: "2013-06-25T00:00:00", db: "JVNDB", id: "JVNDB-2013-000020", }, { date: "2013-05-21T03:23:04.073000", db: "NVD", id: "CVE-2013-0713", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-407", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201303-407", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2013-000020", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation", sources: [ { db: "IVD", id: "09789d6e-2353-11e6-abef-000c29c66e3d", }, { db: "CNNVD", id: "CNNVD-201303-407", }, ], trust: 0.8, }, }
var-201908-0701
Vulnerability from variot
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. A buffer overflow vulnerability exists in VxWorks 7 and 6.9. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0701", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: null, scope: "eq", trust: 2.6, vendor: "sonicos", version: "*", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.5.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.6.1", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.4.0.", }, { model: "e-series santricity os controller", scope: "gte", trust: 1, vendor: "netapp", version: "8.00", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "power meter 9410", scope: "lt", trust: 1, vendor: "siemens", version: "2.2.1", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.2.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "5.9.1.0.", }, { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.7.0", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.1", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.3.1", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.1.4", }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "6.2.7.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "communications eagle", scope: "lte", trust: 1, vendor: "oracle", version: "46.8.2", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.5.3", }, { model: "communications eagle", scope: "gte", trust: 1, vendor: "oracle", version: "46.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.1.12", }, { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.4.12", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.9.2", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.0.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.6.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.4.3", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.4.3", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "power meter 9810", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.59", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.2.7.4", }, { model: "siprotec 5", scope: "lt", trust: 1, vendor: "siemens", version: "7.91", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "e-series santricity os controller", scope: "lte", trust: 1, vendor: "netapp", version: "8.40.50.00", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.1.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.9.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "5.9.0.7", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.3.0", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.0.3", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.5.2.0", }, { model: "sonicos", scope: "gte", trust: 1, vendor: "sonicwall", version: "6.2.4.0", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "sonicos", scope: "lte", trust: 1, vendor: "sonicwall", version: "6.5.3.3", }, { model: "e-series santricity os controller", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "siprotec 5", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "sonicos", scope: null, trust: 0.8, vendor: "sonicwall", version: null, }, { model: "vxworks", scope: null, trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.4, vendor: "siprotec 5", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "7", }, { model: null, scope: "eq", trust: 0.2, vendor: "e series santricity os controller", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.1", }, { model: null, scope: "eq", trust: 0.2, vendor: "sonicos", version: "6.2.7.7", }, ], sources: [ { db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { db: "CNVD", id: "CNVD-2019-25705", }, { db: "JVNDB", id: "JVNDB-2019-007839", }, { db: "NVD", id: "CVE-2019-12260", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.4.12", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.4.3", versionStartIncluding: "6.5.4.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.2.3", versionStartIncluding: "6.5.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.1.4", versionStartIncluding: "6.5.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.5.0.3", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.7.4", versionStartIncluding: "6.2.7.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.6.1", versionStartIncluding: "6.2.6.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.5.3", versionStartIncluding: "6.2.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.4.3", versionStartIncluding: "6.2.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.3.1", versionStartIncluding: "6.2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.1.12", versionStartIncluding: "5.9.1.0.", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.9.0.7", versionStartIncluding: "5.9.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.9.2", versionStartIncluding: "6.2.9.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", cpe_name: [], versionEndExcluding: "7.59", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.40.50.00", versionStartIncluding: "8.00", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", cpe_name: [], versionEndExcluding: "7.91", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "46.8.2", versionStartIncluding: "46.6.0", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12260", }, ], }, cve: "CVE-2019-12260", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-12260", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2019-25705", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-143989", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-12260", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12260", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2019-25705", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201907-1496", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-143989", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-12260", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { db: "CNVD", id: "CNVD-2019-25705", }, { db: "VULHUB", id: "VHN-143989", }, { db: "VULMON", id: "CVE-2019-12260", }, { db: "JVNDB", id: "JVNDB-2019-007839", }, { db: "NVD", id: "CVE-2019-12260", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201907-1496", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. Wind River VxWorks Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. A buffer overflow vulnerability exists in VxWorks 7 and 6.9. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or execute arbitrary code on a targeted system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the targeted system. A successful exploit could allow the malicious user to execute arbitrary code or cause a DoS condition on the targeted system", sources: [ { db: "NVD", id: "CVE-2019-12260", }, { db: "JVNDB", id: "JVNDB-2019-007839", }, { db: "CNVD", id: "CNVD-2019-25705", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { db: "VULHUB", id: "VHN-143989", }, { db: "VULMON", id: "CVE-2019-12260", }, ], trust: 3.06, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12260", trust: 4.2, }, { db: "SIEMENS", id: "SSA-352504", trust: 1.8, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.8, }, { db: "SIEMENS", id: "SSA-632562", trust: 1.8, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "CNNVD", id: "CNNVD-201907-1496", trust: 0.9, }, { db: "ICS CERT", id: "ICSA-23-320-10", trust: 0.9, }, { db: "CNVD", id: "CNVD-2019-25705", trust: 0.8, }, { db: "JVN", id: "JVNVU92598492", trust: 0.8, }, { db: "JVN", id: "JVNVU92467308", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007839", trust: 0.8, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "CS-HELP", id: "SB2021072138", trust: 0.6, }, { db: "IVD", id: "22963AAA-B2C7-42D9-91EE-9128DA8FE4C7", trust: 0.2, }, { db: "VULHUB", id: "VHN-143989", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-12260", trust: 0.1, }, ], sources: [ { db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { db: "CNVD", id: "CNVD-2019-25705", }, { db: "VULHUB", id: "VHN-143989", }, { db: "VULMON", id: "CVE-2019-12260", }, { db: "JVNDB", id: "JVNDB-2019-007839", }, { db: "NVD", id: "CVE-2019-12260", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201907-1496", }, ], }, id: "VAR-201908-0701", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { db: "CNVD", id: "CNVD-2019-25705", }, { db: "VULHUB", id: "VHN-143989", }, ], trust: 1.38913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { db: "CNVD", id: "CNVD-2019-25705", }, ], }, last_update_date: "2023-12-18T11:21:46.241000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices Siemens Siemens Security Advisory", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { title: "Patch for Wind River Systems VxWorks Buffer Overflow Vulnerability (CNVD-2019-25705)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172943", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95611", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1f919286ef48798d96223ef4d2143337", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2dd69ca01b84b80e09672fedb1c26f51", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=99fa839be73f2df819a67c27caa912f8", }, { title: "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=fg-ir-19-222", }, { title: "Urgent11-Suricata-LUA-scripts", trust: 0.1, url: "https://github.com/sud0woodo/urgent11-suricata-lua-scripts ", }, { title: "urgent11-poc", trust: 0.1, url: "https://github.com/iweizime/urgent11-poc ", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25705", }, { db: "VULMON", id: "CVE-2019-12260", }, { db: "JVNDB", id: "JVNDB-2019-007839", }, { db: "CNNVD", id: "CNNVD-201907-1496", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-120", trust: 1, }, { problemtype: "Buffer error (CWE-119) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-119", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-143989", }, { db: "JVNDB", id: "JVNDB-2019-007839", }, { db: "NVD", id: "CVE-2019-12260", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 2.4, url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { trust: 2.3, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12260", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { trust: 1.8, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { trust: 1.8, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.8, url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12260", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 0.9, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92467308/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92598492/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021072138", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.oracle.com/security-alerts/cpujul2021.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, { trust: 0.1, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12260", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/120.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=60682", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/sud0woodo/urgent11-suricata-lua-scripts", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25705", }, { db: "VULHUB", id: "VHN-143989", }, { db: "VULMON", id: "CVE-2019-12260", }, { db: "JVNDB", id: "JVNDB-2019-007839", }, { db: "NVD", id: "CVE-2019-12260", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201907-1496", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { db: "CNVD", id: "CNVD-2019-25705", }, { db: "VULHUB", id: "VHN-143989", }, { db: "VULMON", id: "CVE-2019-12260", }, { db: "JVNDB", id: "JVNDB-2019-007839", }, { db: "NVD", id: "CVE-2019-12260", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201907-1496", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25705", }, { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-143989", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-12260", }, { date: "2019-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2019-007839", }, { date: "2019-08-09T21:15:11", db: "NVD", id: "CVE-2019-12260", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1496", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25705", }, { date: "2020-10-20T00:00:00", db: "VULHUB", id: "VHN-143989", }, { date: "2022-08-12T00:00:00", db: "VULMON", id: "CVE-2019-12260", }, { date: "2023-11-21T01:17:00", db: "JVNDB", id: "JVNDB-2019-007839", }, { date: "2022-08-12T18:44:36.213000", db: "NVD", id: "CVE-2019-12260", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201907-1496", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201907-1496", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Buffer error vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2019-007839", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "22963aaa-b2c7-42d9-91ee-9128da8fe4c7", }, { db: "CNNVD", id: "CNNVD-201907-1496", }, ], trust: 0.8, }, }
var-202004-0062
Vulnerability from variot
The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference. VxWorks To NULL A vulnerability exists regarding pointer dereference.Service operation interruption (DoS) It may be put into a state. Wind River Systems VxWorks is a set of embedded real-time operating systems (RTOS) from Wind River Systems. IGMP is one of the Internet group management protocol components.
IGMP components in Wind River Systems VxWorks have code issue vulnerabilities. The vulnerability stems from the problem of improper design or implementation in the code development process of network systems or products. There is currently no detailed vulnerability details provided
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0062", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.8.3", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.8.3", }, { model: "river systems vxworks", scope: null, trust: 0.6, vendor: "wind", version: null, }, { model: "vxworks", scope: "eq", trust: 0.1, vendor: "windriver", version: "5.5", }, { model: "vxworks", scope: "eq", trust: 0.1, vendor: "windriver", version: "6.4", }, { model: "vxworks", scope: "eq", trust: 0.1, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 0.1, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 0.1, vendor: "windriver", version: "6.8", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-32428", }, { db: "VULMON", id: "CVE-2020-10664", }, { db: "JVNDB", id: "JVNDB-2020-004664", }, { db: "NVD", id: "CVE-2020-10664", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-10664", }, ], }, cve: "CVE-2020-10664", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2020-004664", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2020-32428", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2020-10664", impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "MEDIUM", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2020-004664", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-10664", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-004664", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-32428", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202004-2163", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-10664", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-32428", }, { db: "VULMON", id: "CVE-2020-10664", }, { db: "JVNDB", id: "JVNDB-2020-004664", }, { db: "NVD", id: "CVE-2020-10664", }, { db: "CNNVD", id: "CNNVD-202004-2163", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference. VxWorks To NULL A vulnerability exists regarding pointer dereference.Service operation interruption (DoS) It may be put into a state. Wind River Systems VxWorks is a set of embedded real-time operating systems (RTOS) from Wind River Systems. IGMP is one of the Internet group management protocol components. \n\r\n\r\nIGMP components in Wind River Systems VxWorks have code issue vulnerabilities. The vulnerability stems from the problem of improper design or implementation in the code development process of network systems or products. There is currently no detailed vulnerability details provided", sources: [ { db: "NVD", id: "CVE-2020-10664", }, { db: "JVNDB", id: "JVNDB-2020-004664", }, { db: "CNVD", id: "CNVD-2020-32428", }, { db: "VULMON", id: "CVE-2020-10664", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-10664", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-004664", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-32428", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202004-2163", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-10664", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-32428", }, { db: "VULMON", id: "CVE-2020-10664", }, { db: "JVNDB", id: "JVNDB-2020-004664", }, { db: "NVD", id: "CVE-2020-10664", }, { db: "CNNVD", id: "CNNVD-202004-2163", }, ], }, id: "VAR-202004-0062", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-32428", }, ], trust: 0.93838382, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-32428", }, ], }, last_update_date: "2023-12-18T12:27:36.554000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "CVE-2020-10664", trust: 0.8, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2020-10664", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-004664", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-476", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-004664", }, { db: "NVD", id: "CVE-2020-10664", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-10664", }, { trust: 1.7, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2020-10664", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10664", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/476.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-32428", }, { db: "VULMON", id: "CVE-2020-10664", }, { db: "JVNDB", id: "JVNDB-2020-004664", }, { db: "NVD", id: "CVE-2020-10664", }, { db: "CNNVD", id: "CNNVD-202004-2163", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-32428", }, { db: "VULMON", id: "CVE-2020-10664", }, { db: "JVNDB", id: "JVNDB-2020-004664", }, { db: "NVD", id: "CVE-2020-10664", }, { db: "CNNVD", id: "CNNVD-202004-2163", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-32428", }, { date: "2020-04-27T00:00:00", db: "VULMON", id: "CVE-2020-10664", }, { date: "2020-05-25T00:00:00", db: "JVNDB", id: "JVNDB-2020-004664", }, { date: "2020-04-27T13:15:12.287000", db: "NVD", id: "CVE-2020-10664", }, { date: "2020-04-27T00:00:00", db: "CNNVD", id: "CNNVD-202004-2163", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-11T00:00:00", db: "CNVD", id: "CNVD-2020-32428", }, { date: "2021-02-22T00:00:00", db: "VULMON", id: "CVE-2020-10664", }, { date: "2020-05-25T00:00:00", db: "JVNDB", id: "JVNDB-2020-004664", }, { date: "2021-02-22T21:47:00.917000", db: "NVD", id: "CVE-2020-10664", }, { date: "2021-02-23T00:00:00", db: "CNNVD", id: "CNNVD-202004-2163", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202004-2163", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "VxWorks In NULL Pointer dereference vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2020-004664", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code problem", sources: [ { db: "CNNVD", id: "CNNVD-202004-2163", }, ], trust: 0.6, }, }
var-201303-0233
Vulnerability from variot
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing directly after the SSH connection is established. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.SSH access may become unavailable until the next reboot when receiving a specially crafted packet after a SSH connection is established. VxWorks is an embedded real-time operating system. An attacker can pass a specially crafted packet, causing a denial of service. VxWorks is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause denial-of-service conditions for legitimate users. VxWorks 6.5 through 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0233", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.5", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.5 through 6.9", }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "6.56.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, ], sources: [ { db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01997", }, { db: "JVNDB", id: "JVNDB-2013-000019", }, { db: "NVD", id: "CVE-2013-0712", }, { db: "CNNVD", id: "CNNVD-201303-406", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2013-0712", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd.", sources: [ { db: "BID", id: "58643", }, ], trust: 0.3, }, cve: "CVE-2013-0712", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 8, impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "IPA", availabilityImpact: "Complete", baseScore: 6.8, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2013-000019", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "CNVD-2013-01997", impactScore: 6.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "097d99c2-2353-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2013-0712", trust: 1, value: "MEDIUM", }, { author: "IPA", id: "JVNDB-2013-000019", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2013-01997", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201303-406", trust: 0.6, value: "MEDIUM", }, { author: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", trust: 0.2, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01997", }, { db: "JVNDB", id: "JVNDB-2013-000019", }, { db: "NVD", id: "CVE-2013-0712", }, { db: "CNNVD", id: "CNNVD-201303-406", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in the processing directly after the SSH connection is established. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.SSH access may become unavailable until the next reboot when receiving a specially crafted packet after a SSH connection is established. VxWorks is an embedded real-time operating system. An attacker can pass a specially crafted packet, causing a denial of service. VxWorks is prone to a denial-of-service vulnerability. \nRemote attackers can exploit this issue to cause denial-of-service conditions for legitimate users. \nVxWorks 6.5 through 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network", sources: [ { db: "NVD", id: "CVE-2013-0712", }, { db: "JVNDB", id: "JVNDB-2013-000019", }, { db: "CNVD", id: "CNVD-2013-01997", }, { db: "BID", id: "58643", }, { db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { db: "PACKETSTORM", id: "128512", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2013-0712", trust: 3.6, }, { db: "JVNDB", id: "JVNDB-2013-000019", trust: 3.3, }, { db: "JVN", id: "JVN01611135", trust: 2.7, }, { db: "CNVD", id: "CNVD-2013-01997", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201303-406", trust: 0.8, }, { db: "JVN", id: "JVN#01611135", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-13-091-01", trust: 0.3, }, { db: "BID", id: "58643", trust: 0.3, }, { db: "IVD", id: "097D99C2-2353-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "PACKETSTORM", id: "128512", trust: 0.1, }, ], sources: [ { db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01997", }, { db: "BID", id: "58643", }, { db: "JVNDB", id: "JVNDB-2013-000019", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0712", }, { db: "CNNVD", id: "CNNVD-201303-406", }, ], }, id: "VAR-201303-0233", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01997", }, ], trust: 1.28058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01997", }, ], }, last_update_date: "2023-12-18T11:28:23.845000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Information from Wind River Systems", trust: 0.8, url: "http://jvn.jp/en/jp/jvn01611135/995359/index.html", }, { title: "Patch for VxWorks SSH server (IPSSH) Denial of Service Vulnerability (CNVD-2013-01997)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/32970", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-01997", }, { db: "JVNDB", id: "JVNDB-2013-000019", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2013-0712", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.7, url: "http://jvn.jp/en/jp/jvn01611135/index.html", }, { trust: 1.6, url: "http://jvn.jp/en/jp/jvn01611135/995359/index.html", }, { trust: 1.6, url: "http://jvndb.jvn.jp/jvndb/jvndb-2013-000019", }, { trust: 0.9, url: "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000019.html", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0712", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0712", }, { trust: 0.3, url: "http://www.windriver.com/", }, { trust: 0.3, url: "http://www.windriver.com/products/vxworks.html", }, { trust: 0.3, url: "http://ics-cert.us-cert.gov/pdf/icsa-13-091-01.pdf", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-01997", }, { db: "BID", id: "58643", }, { db: "JVNDB", id: "JVNDB-2013-000019", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0712", }, { db: "CNNVD", id: "CNNVD-201303-406", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01997", }, { db: "BID", id: "58643", }, { db: "JVNDB", id: "JVNDB-2013-000019", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0712", }, { db: "CNNVD", id: "CNNVD-201303-406", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-01997", }, { date: "2013-03-18T00:00:00", db: "BID", id: "58643", }, { date: "2013-03-18T00:00:00", db: "JVNDB", id: "JVNDB-2013-000019", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2013-03-20T18:55:01.727000", db: "NVD", id: "CVE-2013-0712", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-406", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-01997", }, { date: "2015-03-19T09:15:00", db: "BID", id: "58643", }, { date: "2013-06-25T00:00:00", db: "JVNDB", id: "JVNDB-2013-000019", }, { date: "2013-03-21T04:00:00", db: "NVD", id: "CVE-2013-0712", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-406", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201303-406", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2013-000019", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation", sources: [ { db: "IVD", id: "097d99c2-2353-11e6-abef-000c29c66e3d", }, { db: "CNNVD", id: "CNNVD-201303-406", }, ], trust: 0.8, }, }
var-202103-0365
Vulnerability from variot
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Wind River VxWorks Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Wind River VxWorks is an operating system of Wind River Company in the United States. The industry-leading real-time operating system for building embedded devices and systems. Remote attackers can use this vulnerability to submit special requests, causing the application to crash or execute arbitrary code in the application context
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0365", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sgt-200", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-300", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-400", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "7.0", }, { model: "sgt-a20", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-a35", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-a65", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-100", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "6.5 to 7", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river vxworks", scope: "gte", trust: 0.6, vendor: "wind", version: "6.5,<=7", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.0", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-a20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-a20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-a35_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-a35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-a65_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-a65:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2016-20009", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported to CISA that these products are affected by this vulnerability when using some third-party components.", sources: [ { db: "CNNVD", id: "CNNVD-202103-841", }, ], trust: 0.6, }, cve: "CVE-2016-20009", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2016-20009", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2021-29083", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2016-20009", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2016-20009", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2021-29083", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202103-841", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2016-20009", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNNVD", id: "CNNVD-202103-841", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Wind River VxWorks Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Wind River VxWorks is an operating system of Wind River Company in the United States. The industry-leading real-time operating system for building embedded devices and systems. Remote attackers can use this vulnerability to submit special requests, causing the application to crash or execute arbitrary code in the application context", sources: [ { db: "NVD", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2016-20009", trust: 3.1, }, { db: "SIEMENS", id: "SSA-553445", trust: 1.7, }, { db: "JVN", id: "JVNVU99791395", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2016-009699", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-29083", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-222-06", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2712", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202103-841", trust: 0.6, }, { db: "VULMON", id: "CVE-2016-20009", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNNVD", id: "CNNVD-202103-841", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, id: "VAR-202103-0365", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, ], trust: 1.6, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, ], }, last_update_date: "2024-05-17T21:12:07.067000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "https://www.windriver.com/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=3f7c93868d7099e31ef639cbd5d52b75", }, { title: "BleepingComputer", trust: 0.1, url: "https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/", }, ], sources: [ { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu99791395/index.html", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2016-20009", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2712", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-222-06", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-553445.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNNVD", id: "CNNVD-202103-841", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNNVD", id: "CNNVD-202103-841", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-18T00:00:00", db: "CNVD", id: "CNVD-2021-29083", }, { date: "2021-03-11T00:00:00", db: "VULMON", id: "CVE-2016-20009", }, { date: "2021-11-24T00:00:00", db: "JVNDB", id: "JVNDB-2016-009699", }, { date: "2021-03-11T00:00:00", db: "CNNVD", id: "CNNVD-202103-841", }, { date: "2021-03-11T22:15:12.120000", db: "NVD", id: "CVE-2016-20009", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-18T00:00:00", db: "CNVD", id: "CNVD-2021-29083", }, { date: "2021-08-10T00:00:00", db: "VULMON", id: "CVE-2016-20009", }, { date: "2021-11-24T06:53:00", db: "JVNDB", id: "JVNDB-2016-009699", }, { date: "2022-04-06T00:00:00", db: "CNNVD", id: "CNNVD-202103-841", }, { date: "2024-05-17T01:08:37.820000", db: "NVD", id: "CVE-2016-20009", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202103-841", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Out-of-bounds Vulnerability in Microsoft", sources: [ { db: "JVNDB", id: "JVNDB-2016-009699", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202103-841", }, ], trust: 0.6, }, }
var-201303-0247
Vulnerability from variot
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.SSH access may become unavailable until the next reboot as a result of processing an authentication request. VxWorks is an embedded real-time operating system. VxWorks is prone to a denial-of-service vulnerability. VxWorks 6.5 through 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0247", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.5", }, { model: "river systems vxworks through", scope: "eq", trust: 1.2, vendor: "wind", version: "6.56.9", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.5 through 6.9", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.9", }, ], sources: [ { db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, { db: "JVNDB", id: "JVNDB-2013-000018", }, { db: "NVD", id: "CVE-2013-0711", }, { db: "CNNVD", id: "CNNVD-201303-405", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2013-0711", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd", sources: [ { db: "BID", id: "58638", }, ], trust: 0.3, }, cve: "CVE-2013-0711", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "IPA", availabilityImpact: "Complete", baseScore: 7.8, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2013-000018", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2013-01996", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "CNVD-2013-02191", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "0961e59c-2353-11e6-abef-000c29c66e3d", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.2, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2013-0711", trust: 1, value: "HIGH", }, { author: "IPA", id: "JVNDB-2013-000018", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2013-01996", trust: 0.6, value: "HIGH", }, { author: "CNVD", id: "CNVD-2013-02191", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201303-405", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, { db: "JVNDB", id: "JVNDB-2013-000018", }, { db: "NVD", id: "CVE-2013-0711", }, { db: "CNNVD", id: "CNNVD-201303-405", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability. The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.SSH access may become unavailable until the next reboot as a result of processing an authentication request. VxWorks is an embedded real-time operating system. VxWorks is prone to a denial-of-service vulnerability. \nVxWorks 6.5 through 6.9 are vulnerable; other versions may also be affected. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network", sources: [ { db: "NVD", id: "CVE-2013-0711", }, { db: "JVNDB", id: "JVNDB-2013-000018", }, { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, { db: "BID", id: "58638", }, { db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { db: "PACKETSTORM", id: "128512", }, ], trust: 3.42, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2013-0711", trust: 4.4, }, { db: "JVNDB", id: "JVNDB-2013-000018", trust: 3, }, { db: "JVN", id: "JVN45545972", trust: 3, }, { db: "ICS CERT", id: "ICSA-13-091-01", trust: 1.8, }, { db: "CNNVD", id: "CNNVD-201303-405", trust: 1, }, { db: "CNVD", id: "CNVD-2013-01996", trust: 0.8, }, { db: "CNVD", id: "CNVD-2013-02191", trust: 0.8, }, { db: "SECUNIA", id: "52671", trust: 0.6, }, { db: "JVN", id: "JVN#45545972", trust: 0.6, }, { db: "BID", id: "58638", trust: 0.3, }, { db: "IVD", id: "C403BD44-1F2F-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "IVD", id: "0961E59C-2353-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "PACKETSTORM", id: "128512", trust: 0.1, }, ], sources: [ { db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, { db: "BID", id: "58638", }, { db: "JVNDB", id: "JVNDB-2013-000018", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0711", }, { db: "CNNVD", id: "CNNVD-201303-405", }, ], }, id: "VAR-201303-0247", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, ], trust: 2.08058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 1, }, { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, ], }, last_update_date: "2023-12-18T11:21:09.896000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Information from Wind River Systems", trust: 0.8, url: "http://jvn.jp/en/jp/jvn45545972/995359/index.html", }, { title: "Patch for VxWorks SSH server (IPSSH) Denial of Service Vulnerability (CNVD-2013-01996)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/32969", }, { title: "Patch for VxWorks WebCLI Remote Denial of Service Vulnerability (CNVD-2013-02191)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/33010", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, { db: "JVNDB", id: "JVNDB-2013-000018", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2013-0711", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://jvn.jp/en/jp/jvn45545972/index.html", }, { trust: 1.8, url: "http://ics-cert.us-cert.gov/advisories/icsa-13-091-01", }, { trust: 1.6, url: "http://jvn.jp/en/jp/jvn45545972/995359/index.html", }, { trust: 1.6, url: "http://jvndb.jvn.jp/jvndb/jvndb-2013-000018", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0711", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0711", }, { trust: 0.6, url: "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000018.html", }, { trust: 0.6, url: "http://jvn.jp/en/jp/jvn45545972/", }, { trust: 0.6, url: "http://secunia.com/advisories/52671/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, ], sources: [ { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, { db: "JVNDB", id: "JVNDB-2013-000018", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0711", }, { db: "CNNVD", id: "CNNVD-201303-405", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2013-01996", }, { db: "CNVD", id: "CNVD-2013-02191", }, { db: "BID", id: "58638", }, { db: "JVNDB", id: "JVNDB-2013-000018", }, { db: "PACKETSTORM", id: "128512", }, { db: "NVD", id: "CVE-2013-0711", }, { db: "CNNVD", id: "CNNVD-201303-405", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { date: "2013-03-27T00:00:00", db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-01996", }, { date: "2013-03-27T00:00:00", db: "CNVD", id: "CNVD-2013-02191", }, { date: "2013-03-18T00:00:00", db: "BID", id: "58638", }, { date: "2013-03-18T00:00:00", db: "JVNDB", id: "JVNDB-2013-000018", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2013-03-20T18:55:01.700000", db: "NVD", id: "CVE-2013-0711", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-405", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2013-03-25T00:00:00", db: "CNVD", id: "CNVD-2013-01996", }, { date: "2013-05-21T00:00:00", db: "CNVD", id: "CNVD-2013-02191", }, { date: "2013-04-02T06:47:00", db: "BID", id: "58638", }, { date: "2013-06-25T00:00:00", db: "JVNDB", id: "JVNDB-2013-000018", }, { date: "2013-05-21T03:23:03.920000", db: "NVD", id: "CVE-2013-0711", }, { date: "2013-03-21T00:00:00", db: "CNNVD", id: "CNNVD-201303-405", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201303-405", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2013-000018", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation", sources: [ { db: "IVD", id: "c403bd44-1f2f-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0961e59c-2353-11e6-abef-000c29c66e3d", }, { db: "CNNVD", id: "CNNVD-201303-405", }, ], trust: 1, }, }
var-201905-0062
Vulnerability from variot
When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code. Wind River VxWorks Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0062", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "lt", trust: 1, vendor: "windriver", version: "6.9.1", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.6", }, { model: "vxworks", scope: "lt", trust: 0.8, vendor: "wind river", version: "6.9 thats all 6.9.1", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-004861", }, { db: "NVD", id: "CVE-2019-9865", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.9.1", versionStartIncluding: "6.9", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-9865", }, ], }, cve: "CVE-2019-9865", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 6.8, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-9865", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 1.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VH-CVE-2019-9865", impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "MEDIUM", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:M/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.1, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-9865", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 1.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-9865", trust: 1.8, value: "High", }, { author: "CNNVD", id: "CNNVD-201905-1054", trust: 0.6, value: "HIGH", }, { author: "VUL-HUB", id: "VH-CVE-2019-9865", trust: 0.1, value: "In danger", }, ], }, ], sources: [ { db: "VULHUB", id: "VH-CVE-2019-9865", }, { db: "JVNDB", id: "JVNDB-2019-004861", }, { db: "CNNVD", id: "CNNVD-201905-1054", }, { db: "NVD", id: "CVE-2019-9865", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code. Wind River VxWorks Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state", sources: [ { db: "NVD", id: "CVE-2019-9865", }, { db: "JVNDB", id: "JVNDB-2019-004861", }, { db: "VULHUB", id: "VH-CVE-2019-9865", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-9865", trust: 2.5, }, { db: "JVNDB", id: "JVNDB-2019-004861", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201905-1054", trust: 0.6, }, { db: "VULHUB", id: "VH-CVE-2019-9865", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VH-CVE-2019-9865", }, { db: "JVNDB", id: "JVNDB-2019-004861", }, { db: "CNNVD", id: "CNNVD-201905-1054", }, { db: "NVD", id: "CVE-2019-9865", }, ], }, id: "VAR-201905-0062", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VH-CVE-2019-9865", }, ], trust: 0.01, }, last_update_date: "2022-05-04T09:03:24.739000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Notices (Wind River VxWorks 20190320 Security Alert for RPC (CVE-2019-9865))", trust: 0.8, url: "https://www.windriver.com/feeds/wind_river_security_notices.xml", }, { title: "Security Notices", trust: 0.8, url: "https://support2.windriver.com/index.php?page=security-notices", }, { title: "Wind River Systems VxWorks Enter the fix for the verification error vulnerability", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93007", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-004861", }, { db: "CNNVD", id: "CNNVD-201905-1054", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-190", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VH-CVE-2019-9865", }, { db: "JVNDB", id: "JVNDB-2019-004861", }, { db: "NVD", id: "CVE-2019-9865", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://www.windriver.com/feeds/wind_river_security_notices.xml", }, { trust: 1.6, url: "https://support2.windriver.com/index.php?page=security-notices", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9865", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9865", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-004861", }, { db: "CNNVD", id: "CNNVD-201905-1054", }, { db: "NVD", id: "CVE-2019-9865", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VH-CVE-2019-9865", }, { db: "JVNDB", id: "JVNDB-2019-004861", }, { db: "CNNVD", id: "CNNVD-201905-1054", }, { db: "NVD", id: "CVE-2019-9865", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-03-19T00:00:00", db: "VULHUB", id: "VH-CVE-2019-9865", }, { date: "2019-06-11T00:00:00", db: "JVNDB", id: "JVNDB-2019-004861", }, { date: "2019-05-29T00:00:00", db: "CNNVD", id: "CNNVD-201905-1054", }, { date: "2019-05-29T17:29:00", db: "NVD", id: "CVE-2019-9865", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-11-03T00:00:00", db: "VULHUB", id: "VH-CVE-2019-9865", }, { date: "2019-06-11T00:00:00", db: "JVNDB", id: "JVNDB-2019-004861", }, { date: "2019-05-31T00:00:00", db: "CNNVD", id: "CNNVD-201905-1054", }, { date: "2019-05-29T19:20:00", db: "NVD", id: "CVE-2019-9865", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201905-1054", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Integer overflow vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-004861", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-201905-1054", }, ], trust: 0.6, }, }
var-201702-0004
Vulnerability from variot
Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password. Wind River VxWorks is a set of IoT embedded real-time operating system (RTOS) developed by Wind River. There is an integer overflow vulnerability in the 'the _authenticate' function of the svc_auth.c file in Wind River VxWorks version 5.5 to 6.9.4.1. WindRiver VxWorks is prone to a integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0004", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.4", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5.5", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "6.9.4.1", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.9.4.1 for up to 5.5", }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "wind river", version: "/", }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "6.9.4.1", }, { model: "vxworks", scope: "eq", trust: 0.3, vendor: "windriver", version: "0", }, { model: "santricity os controller", scope: "eq", trust: 0.3, vendor: "netapp", version: "8.20", }, { model: "santricity os controller", scope: "eq", trust: 0.3, vendor: "netapp", version: "8.10", }, { model: "ev540", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "ef560", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "ef550", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "e5600", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "e5500", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "e5400", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "e2700", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "e2600", scope: "eq", trust: 0.3, vendor: "netapp", version: "0", }, { model: "santricity os controller", scope: "ne", trust: 0.3, vendor: "netapp", version: "8.20.12.00", }, { model: "santricity os controller", scope: "ne", trust: 0.3, vendor: "netapp", version: "8.10.19.00", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "5.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.4", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "*", }, ], sources: [ { db: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-08443", }, { db: "BID", id: "79205", }, { db: "JVNDB", id: "JVNDB-2015-007386", }, { db: "NVD", id: "CVE-2015-7599", }, { db: "CNNVD", id: "CNNVD-201512-464", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.9.4.1", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2015-7599", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The vendor reported this issue.", sources: [ { db: "BID", id: "79205", }, { db: "CNNVD", id: "CNNVD-201512-464", }, ], trust: 0.9, }, cve: "CVE-2015-7599", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 9.3, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2015-7599", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2015-08443", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "72360f78-2351-11e6-abef-000c29c66e3d", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.1, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2015-7599", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2015-7599", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2015-08443", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201512-464", trust: 0.6, value: "CRITICAL", }, { author: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", trust: 0.2, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2015-7599", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-08443", }, { db: "VULMON", id: "CVE-2015-7599", }, { db: "JVNDB", id: "JVNDB-2015-007386", }, { db: "NVD", id: "CVE-2015-7599", }, { db: "CNNVD", id: "CNNVD-201512-464", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password. Wind River VxWorks is a set of IoT embedded real-time operating system (RTOS) developed by Wind River. \nThere is an integer overflow vulnerability in the 'the _authenticate' function of the svc_auth.c file in Wind River VxWorks version 5.5 to 6.9.4.1. WindRiver VxWorks is prone to a integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data", sources: [ { db: "NVD", id: "CVE-2015-7599", }, { db: "JVNDB", id: "JVNDB-2015-007386", }, { db: "CNVD", id: "CNVD-2015-08443", }, { db: "CNNVD", id: "CNNVD-201512-464", }, { db: "BID", id: "79205", }, { db: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", }, { db: "VULMON", id: "CVE-2015-7599", }, ], trust: 3.24, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2015-7599", trust: 3.6, }, { db: "BID", id: "79205", trust: 2.6, }, { db: "CNVD", id: "CNVD-2015-08443", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201512-464", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2015-007386", trust: 0.8, }, { db: "IVD", id: "72360F78-2351-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "VULMON", id: "CVE-2015-7599", trust: 0.1, }, ], sources: [ { db: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-08443", }, { db: "VULMON", id: "CVE-2015-7599", }, { db: "BID", id: "79205", }, { db: "JVNDB", id: "JVNDB-2015-007386", }, { db: "NVD", id: "CVE-2015-7599", }, { db: "CNNVD", id: "CNNVD-201512-464", }, ], }, id: "VAR-201702-0004", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-08443", }, ], trust: 0.08, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.2, }, ], sources: [ { db: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-08443", }, ], }, last_update_date: "2023-12-18T12:29:50.998000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "NTAP-20151029-0001", trust: 0.8, url: "https://kb.netapp.com/support/s/article/ka51a00000007esqai/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_us", }, { title: "Wind River VxWorks: Update/Clarification", trust: 0.8, url: "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", }, { title: "Patch for Wind River VxWorks Integer Overflow Vulnerability (CNVD-2015-08443)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/68858", }, { title: "ICS", trust: 0.1, url: "https://github.com/67626d/ics ", }, { title: "ISFFrame", trust: 0.1, url: "https://github.com/gzharryanonymous/isfframe ", }, { title: "isf", trust: 0.1, url: "https://github.com/dark-lbp/isf ", }, { title: "isf", trust: 0.1, url: "https://github.com/ninox-cyber/isf ", }, ], sources: [ { db: "CNVD", id: "CNVD-2015-08443", }, { db: "VULMON", id: "CVE-2015-7599", }, { db: "JVNDB", id: "JVNDB-2015-007386", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-190", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2015-007386", }, { db: "NVD", id: "CVE-2015-7599", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://www.securityfocus.com/bid/79205", }, { trust: 1.7, url: "https://www.syscan360.org/slides/2015_en_attackingvxworksfromstoneagetointerstellar_eric_yannick.pdf", }, { trust: 1.7, url: "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_us", }, { trust: 1.7, url: "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", }, { trust: 1.1, url: "https://security.netapp.com/advisory/ntap-20151029-0001/", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7599", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7599", }, { trust: 0.3, url: "http://www.windriver.com/products/vxworks.html", }, { trust: 0.3, url: "https://kb.netapp.com/support/index?page=content&id=9010045&actp=rss", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/190.html", }, { trust: 0.1, url: "https://github.com/67626d/ics", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2015-08443", }, { db: "VULMON", id: "CVE-2015-7599", }, { db: "BID", id: "79205", }, { db: "JVNDB", id: "JVNDB-2015-007386", }, { db: "NVD", id: "CVE-2015-7599", }, { db: "CNNVD", id: "CNNVD-201512-464", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", }, { db: "CNVD", id: "CNVD-2015-08443", }, { db: "VULMON", id: "CVE-2015-7599", }, { db: "BID", id: "79205", }, { db: "JVNDB", id: "JVNDB-2015-007386", }, { db: "NVD", id: "CVE-2015-7599", }, { db: "CNNVD", id: "CNNVD-201512-464", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-12-23T00:00:00", db: "IVD", id: "72360f78-2351-11e6-abef-000c29c66e3d", }, { date: "2015-12-23T00:00:00", db: "CNVD", id: "CNVD-2015-08443", }, { date: "2017-02-07T00:00:00", db: "VULMON", id: "CVE-2015-7599", }, { date: "2015-12-10T00:00:00", db: "BID", id: "79205", }, { date: "2017-03-16T00:00:00", db: "JVNDB", id: "JVNDB-2015-007386", }, { date: "2017-02-07T17:59:00.147000", db: "NVD", id: "CVE-2015-7599", }, { date: "2015-12-16T00:00:00", db: "CNNVD", id: "CNNVD-201512-464", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-12-23T00:00:00", db: "CNVD", id: "CNVD-2015-08443", }, { date: "2017-11-16T00:00:00", db: "VULMON", id: "CVE-2015-7599", }, { date: "2015-12-10T00:00:00", db: "BID", id: "79205", }, { date: "2017-03-16T00:00:00", db: "JVNDB", id: "JVNDB-2015-007386", }, { date: "2017-11-16T02:29:01.583000", db: "NVD", id: "CVE-2015-7599", }, { date: "2017-02-08T00:00:00", db: "CNNVD", id: "CNNVD-201512-464", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201512-464", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks of svc_auth.c of _authenticate Integer overflow vulnerability in functions", sources: [ { db: "JVNDB", id: "JVNDB-2015-007386", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "digital error", sources: [ { db: "CNNVD", id: "CNNVD-201512-464", }, ], trust: 0.6, }, }
var-201008-1004
Vulnerability from variot
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. -VxWorks The WDB target agent runs as a task in VxWorks, which is an optional component in the VxWorks configuration that is enabled by default. The WDB Target Agent Debug Service provides read/write access to device memory, allowing calls to functions. It is recommended to reconfigure VxWorks that contain the components required for operations and build the appropriate system image type. It is recommended to remove the WEB target proxy and debug components (INCLUDE_WDB and INCLUDE_DEBUG) and other operating system components that do not need to support the client application. - The HASK algorithm for the standard authentication API under VxWorks is vulnerable to collisions, and attackers with known usernames can access (telnet, rlogin or FTP) services using a standard authentication API (loginDefaultEncrypt(), part of loginLib) in a relative The brute force password is cracked in a short period of time. Since the HASH algorithm is vulnerable to collision, it is not necessary to find the actual password, as long as a string is used to generate the same HASH. For example, when logging in with the default 'target/password', 'y{{{{{SS' will HASH out the same result as 'password'. So you can use 'password' and 'y{{{{{SS' as the password to log in. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network. R7-0034: VxWorks WDB Agent Debug Service Exposure August 2, 2010
-- Rapid7 Customer Protection: Rapid7 NeXpose customers have access to a vulnerability check for this flaw as of the latest update. More information about this check can be found online at:
http://www.rapid7.com/vulndb/lookup/vxworks-wdbrpc-exposed
-- Vulnerability Details: This vulnerability allows remote attackers to read memory, write memory, execute code, and ultimately take complete control of the affected device. This issue affects over 100 different vendors and a multitude of products, both shipping and end-of-life. A spreadsheet of identified products affected by this flaw can be found at the URL below. This index is not comprehensive and not all devices found are still supported.
http://www.metasploit.com/data/confs/bsideslv2010/VxWorksDevices.xls
This flaw occurs due to an insecure setting in the configuration file of the manufacturer's source code. This setting results in a system- debug service being exposed on UDP port 17185. This service does not require authentication to access. More information about this issue can be found at the Metasploit blog:
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
-- Vendor Response: Wind River Systems has notified their customers of the issue and indicated that the WDB agent should be disabled for production builds. CERT has notified every vendor with an identified, shipping product containing this vulnerability. Responses for each specific vendor can be found in the CERT advisory:
http://www.kb.cert.org/vuls/id/362332
-- Disclosure Timeline: 2010-06-02 - Vulnerability reported to CERT for vendor notification 2010-08-02 - Coordinated public release of advisory
-- Credit: This vulnerability had been discovered in specific devices in multiple instances, first by Bennett Todd in 2002 and then Shawn Merdinger in 2005. A comprehensive analysis of all affected devices was conducted by HD Moore in 2010.
-- About Rapid7 Security Rapid7 provides vulnerability management, compliance and penetration testing solutions for Web application, network and database security. In addition to developing the NeXpose Vulnerability Management system, Rapid7 manages the Metasploit Project and is the primary sponsor of the W3AF web assessment tool.
Our vulnerability disclosure policy is available online at:
http://www.rapid7.com/disclosure.jsp
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201008-1004", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5.5", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.4", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "lt", trust: 0.8, vendor: "wind river", version: "6.9", }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "6.56.9", }, { model: null, scope: null, trust: 0.6, vendor: "no", version: null, }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "6.8", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "5.5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.4", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "*", }, ], sources: [ { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "NVD", id: "CVE-2010-2967", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.8", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2010-2967", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "kvnjs", sources: [ { db: "PACKETSTORM", id: "128512", }, ], trust: 0.1, }, cve: "CVE-2010-2967", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 7.8, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2010-2967", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2010-3889", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "bab59964-1fb2-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "0183e958-2356-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "7d753cb1-463f-11e9-876d-000c29342cb1", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2010-2967", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2010-3889", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201008-031", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", trust: 0.2, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "NVD", id: "CVE-2010-2967", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session. VxWorks is an embedded real-time operating system. VxWorks has multiple security vulnerabilities that allow an attacker to bypass security restrictions and gain unauthorized access to the system. -VxWorks The WDB target agent runs as a task in VxWorks, which is an optional component in the VxWorks configuration that is enabled by default. The WDB Target Agent Debug Service provides read/write access to device memory, allowing calls to functions. It is recommended to reconfigure VxWorks that contain the components required for operations and build the appropriate system image type. It is recommended to remove the WEB target proxy and debug components (INCLUDE_WDB and INCLUDE_DEBUG) and other operating system components that do not need to support the client application. - The HASK algorithm for the standard authentication API under VxWorks is vulnerable to collisions, and attackers with known usernames can access (telnet, rlogin or FTP) services using a standard authentication API (loginDefaultEncrypt(), part of loginLib) in a relative The brute force password is cracked in a short period of time. Since the HASH algorithm is vulnerable to collision, it is not necessary to find the actual password, as long as a string is used to generate the same HASH. For example, when logging in with the default 'target/password', 'y{{{{{SS' will HASH out the same result as 'password'. So you can use 'password' and 'y{{{{{SS' as the password to log in. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network. R7-0034: VxWorks WDB Agent Debug Service Exposure\nAugust 2, 2010\n\n-- Rapid7 Customer Protection:\nRapid7 NeXpose customers have access to a vulnerability check for this\nflaw as of the latest update. More information about this check can be\nfound online at:\n\n http://www.rapid7.com/vulndb/lookup/vxworks-wdbrpc-exposed\n\n-- Vulnerability Details:\nThis vulnerability allows remote attackers to read memory, write memory,\nexecute code, and ultimately take complete control of the affected\ndevice. This issue affects over 100 different vendors and a multitude of\nproducts, both shipping and end-of-life. A spreadsheet of identified\nproducts affected by this flaw can be found at the URL below. This index\nis not comprehensive and not all devices found are still supported. \n\n http://www.metasploit.com/data/confs/bsideslv2010/VxWorksDevices.xls\n\nThis flaw occurs due to an insecure setting in the configuration file of\nthe manufacturer's source code. This setting results in a system- debug\nservice being exposed on UDP port 17185. This service does not require\nauthentication to access. More information about this issue can be found\nat the Metasploit blog:\n\n http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html\n\n-- Vendor Response:\nWind River Systems has notified their customers of the issue and\nindicated that the WDB agent should be disabled for production builds. \nCERT has notified every vendor with an identified, shipping product\ncontaining this vulnerability. Responses for each specific vendor can be\nfound in the CERT advisory:\n\n http://www.kb.cert.org/vuls/id/362332\n\n-- Disclosure Timeline:\n2010-06-02 - Vulnerability reported to CERT for vendor notification\n2010-08-02 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability had been discovered in specific devices in multiple\ninstances, first by Bennett Todd in 2002 and then Shawn Merdinger in\n2005. A comprehensive analysis of all affected devices was conducted by\nHD Moore in 2010. \n\n-- About Rapid7 Security\nRapid7 provides vulnerability management, compliance and penetration\ntesting solutions for Web application, network and database security. In\naddition to developing the NeXpose Vulnerability Management system,\nRapid7 manages the Metasploit Project and is the primary sponsor of the\nW3AF web assessment tool. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.rapid7.com/disclosure.jsp\n\n", sources: [ { db: "NVD", id: "CVE-2010-2967", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "92448", }, ], trust: 3.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2010-2967", trust: 3.5, }, { db: "CERT/CC", id: "VU#840249", trust: 2.4, }, { db: "CNVD", id: "CNVD-2010-1489", trust: 1, }, { db: "CNVD", id: "CNVD-2010-3889", trust: 1, }, { db: "CNNVD", id: "CNNVD-201008-031", trust: 1, }, { db: "JVNDB", id: "JVNDB-2010-005614", trust: 0.8, }, { db: "CERT/CC", id: "VU#362332", trust: 0.7, }, { db: "BID", id: "42114", trust: 0.6, }, { db: "IVD", id: "BAB59964-1FB2-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "IVD", id: "0183E958-2356-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "IVD", id: "7D72F2C0-463F-11E9-98F5-000C29342CB1", trust: 0.2, }, { db: "IVD", id: "7D753CB1-463F-11E9-876D-000C29342CB1", trust: 0.2, }, { db: "PACKETSTORM", id: "128512", trust: 0.1, }, { db: "PACKETSTORM", id: "92448", trust: 0.1, }, ], sources: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "92448", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "NVD", id: "CVE-2010-2967", }, ], }, id: "VAR-201008-1004", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "CNVD", id: "CNVD-2010-1489", }, ], trust: 2.48058823, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 1.4, }, { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "CNVD", id: "CNVD-2010-1489", }, ], }, last_update_date: "2024-07-23T20:50:25.420000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://www.windriver.com/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-005614", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-310", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "NVD", id: "CVE-2010-2967", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://www.kb.cert.org/vuls/id/840249", }, { trust: 2.3, url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { trust: 1.6, url: "https://support.windriver.com/olsportal/faces/maintenance/downloaddetails.jspx?contentid=033709", }, { trust: 1.6, url: "http://www.kb.cert.org/vuls/id/mapg-863qh9", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2967", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2967", }, { trust: 0.6, url: "http://www.kb.cert.org/vuls/id/362332http", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, { trust: 0.1, url: "http://www.rapid7.com/disclosure.jsp", }, { trust: 0.1, url: "http://www.kb.cert.org/vuls/id/362332", }, { trust: 0.1, url: "http://www.rapid7.com/vulndb/lookup/vxworks-wdbrpc-exposed", }, { trust: 0.1, url: "http://www.metasploit.com/data/confs/bsideslv2010/vxworksdevices.xls", }, ], sources: [ { db: "CNVD", id: "CNVD-2010-3889", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "92448", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "NVD", id: "CVE-2010-2967", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "CNVD", id: "CNVD-2010-1489", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "92448", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "NVD", id: "CVE-2010-2967", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-03T00:00:00", db: "IVD", id: "bab59964-1fb2-11e6-abef-000c29c66e3d", }, { date: "2010-08-05T00:00:00", db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { date: "2010-08-03T00:00:00", db: "IVD", id: "7d72f2c0-463f-11e9-98f5-000c29342cb1", }, { date: "2010-08-05T00:00:00", db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3889", }, { date: "2010-08-03T00:00:00", db: "CNVD", id: "CNVD-2010-1489", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005614", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2010-08-03T17:02:02", db: "PACKETSTORM", id: "92448", }, { date: "2010-08-05T00:00:00", db: "CNNVD", id: "CNNVD-201008-031", }, { date: "2010-08-05T13:22:29.857000", db: "NVD", id: "CVE-2010-2967", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3889", }, { date: "2010-08-03T00:00:00", db: "CNVD", id: "CNVD-2010-1489", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005614", }, { date: "2010-08-06T00:00:00", db: "CNNVD", id: "CNNVD-201008-031", }, { date: "2010-08-05T13:22:29.857000", db: "NVD", id: "CVE-2010-2967", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201008-031", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks loginDefaultEncrypt Algorithm encryption problem vulnerability", sources: [ { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "CNNVD", id: "CNNVD-201008-031", }, ], trust: 1.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "encryption problem", sources: [ { db: "CNNVD", id: "CNNVD-201008-031", }, ], trust: 0.6, }, }
var-201008-0272
Vulnerability from variot
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session. It is relatively easy to find a string that has the same hash value as a regular password.Authentication by attacker API (loginLib) May be used to access services using. The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions. An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password. VxWorks is prone to a security vulnerability due to an insecure-hashing algorithm. The issue affects multiple products from multiple vendors that ship with the VxWorks operating system. NOTE: This document previously covered two vulnerabilities in VxWorks. The remote security-bypass issue has been moved to BID 42158 (VxWorks Debugging Service Security-Bypass Vulnerability) to allow for better documentation of both issues. This flaw occurs due to an insecure password hashing implementation in the authentication library (loginLib) of the VxWorks operating system. Regardless of what password is set for a particular account, there are a only small number (~210k) of possible hash outputs. Typical passwords consisting of alphanumeric characters and symbols fall within an even smaller range of hash outputs (~8k), making this trivial to brute force over the network. To excaberate matters, loginLib has no support for account lockouts and the FTP daemon does not disconnect clients that consistently fail to authenticate. This reduces the brute force time for the FTP service to approximately 30 minutes.
To demonstrate the hash weakness, the password of "insecure" hashes to the value "Ry99dzRcy9". The password of "s{{{{{^O" also hashes to the same output. The hashing algorithm itself is based on an additive sum with a small XOR operation. The resulting sums are then transformed to a printable string, but the range of possible intermediate values is limited and mostly sequential. The entire collision table has been precomputed and will be released in early September as an input file for common brute force tools. More information about the hashing algorithm itself is available at the Metasploit blog post below:
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html
There are three requirements for this vulnerability to be exploited:
-
The device must be running at least one service that uses loginLib for authentication. Telnet and FTP do so by default.
-
A valid username must be known to the attacker. This is usually easy to determine through product manuals or a cursory review of the firmware binaries.
-
The target service must be using with default loginLib library and must not have changed the authentication function to point to a custom backend.
A typical VxWorks device will meet all three requirements by default, but customization by the device manufacturer may preclude this from being exploited. In general, if the device displays a VxWorks banner for Telnet or FTP, it is more than likely vulnerable.
-- Vendor Response: Wind River Systems has notified their customers of the issue and suggested that each downstream vendor replace the existing hash implementation with SHA512 or SHA256. The exact extent of the vulnerability and the complete list of affected devices is not known at this time. Example code from Wind River Systems has been supplied to CERT and is included in the advisory below:
http://www.kb.cert.org/vuls/id/840249
-- Disclosure Timeline: 2009-06-02 - Vulnerability reported to CERT for vendor notification 2009-08-02 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by HD Moore
-- About Rapid7 Security Rapid7 provides vulnerability management, compliance and penetration testing solutions for Web application, network and database security. In addition to developing the NeXpose Vulnerability Management system, Rapid7 manages the Metasploit Project and is the primary sponsor of the W3AF web assessment tool.
Our vulnerability disclosure policy is available online at:
http://www.rapid7.com/disclosure.jsp
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201008-0272", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6.4", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5.5", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "6", }, { model: "vxworks", scope: "eq", trust: 1.6, vendor: "windriver", version: "5", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "6.8", }, { model: "vxworks", scope: "lt", trust: 0.8, vendor: "wind river", version: "6.9", }, { model: "vxworks", scope: null, trust: 0.8, vendor: "wind river", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ericsson", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "polycom", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "wind river", version: null, }, { model: "vxworks", scope: "eq", trust: 0.6, vendor: "windriver", version: "6.8", }, { model: "river systems vxworks through", scope: "eq", trust: 0.6, vendor: "wind", version: "6.56.9", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "5.5", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "6.4", }, { model: null, scope: "eq", trust: 0.4, vendor: "vxworks", version: "*", }, { model: "river systems vxworks", scope: "eq", trust: 0.3, vendor: "wind", version: "0", }, ], sources: [ { db: "NVD", id: "CVE-2010-2967", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "BID", id: "42114", }, { db: "CERT/CC", id: "VU#840249", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.8", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2010-2967", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "HD Moore", sources: [ { db: "BID", id: "42114", }, ], trust: 0.3, }, cve: "CVE-2010-2967", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/severity#", }, "@id": "https://www.variotdbs.pl/ref/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2010-2967", impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1.8, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CARNEGIE MELLON", availabilityImpact: "COMPLETE", availabilityRequirement: "NOT DEFINED", baseScore: 10, collateralDamagePotential: "NOT DEFINED", confidentialityImpact: "COMPLETE", confidentialityRequirement: "NOT DEFINED", enviromentalScore: 9.5, exploitability: "HIGH", exploitabilityScore: 10, id: "VU#840249", impactScore: 10, integrityImpact: "COMPLETE", integrityRequirement: "NOT DEFINED", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, remediationLevel: "WORKAROUND", reportConfidence: "CONFIRMED", severity: "HIGH", targetDistribution: "NOT DEFINED", trust: 0.8, userInterationRequired: null, vector_string: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2010-3889", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "0183e958-2356-11e6-abef-000c29c66e3d", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "7d753cb1-463f-11e9-876d-000c29342cb1", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.9 [IVD]", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VH-CVE-2010-2967", impactScore: 6.9, integrityImpact: "NONE", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "HIGH", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:L/AU:N/C:C/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2010-2967", trust: 1.8, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#840249", trust: 0.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201008-031", trust: 0.6, value: "HIGH", }, { author: "CNVD", id: "CNVD-2010-3889", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", trust: 0.2, value: "HIGH", }, { author: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", trust: 0.2, value: "HIGH", }, { author: "VUL-HUB", id: "VH-CVE-2010-2967", trust: 0.1, value: "High risk", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2010-2967", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "CERT/CC", id: "VU#840249", }, { db: "VULHUB", id: "VH-CVE-2010-2967", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session. It is relatively easy to find a string that has the same hash value as a regular password.Authentication by attacker API (loginLib) May be used to access services using. The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions. An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password. VxWorks is prone to a security vulnerability due to an insecure-hashing algorithm. \nThe issue affects multiple products from multiple vendors that ship with the VxWorks operating system. \nNOTE: This document previously covered two vulnerabilities in VxWorks. The remote security-bypass issue has been moved to BID 42158 (VxWorks Debugging Service Security-Bypass Vulnerability) to allow for better documentation of both issues. \nThis flaw occurs due to an insecure password hashing implementation in\nthe authentication library (loginLib) of the VxWorks operating system. \nRegardless of what password is set for a particular account, there are a\nonly small number (~210k) of possible hash outputs. Typical passwords\nconsisting of alphanumeric characters and symbols fall within an even\nsmaller range of hash outputs (~8k), making this trivial to brute force\nover the network. To excaberate matters, loginLib has no support for\naccount lockouts and the FTP daemon does not disconnect clients that\nconsistently fail to authenticate. This reduces the brute force time for\nthe FTP service to approximately 30 minutes. \n\nTo demonstrate the hash weakness, the password of \"insecure\" hashes to\nthe value \"Ry99dzRcy9\". The password of \"s{{{{{^O\" also hashes to the\nsame output. The hashing algorithm itself is based on an additive sum\nwith a small XOR operation. The resulting sums are then transformed to a\nprintable string, but the range of possible intermediate values is\nlimited and mostly sequential. The entire collision table has been\nprecomputed and will be released in early September as an input file for\ncommon brute force tools. More information about the hashing algorithm\nitself is available at the Metasploit blog post below:\n\n http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html\n\nThere are three requirements for this vulnerability to be exploited:\n\n * The device must be running at least one service that uses loginLib\nfor authentication. Telnet and FTP do so by default. \n\n * A valid username must be known to the attacker. This is usually easy\nto determine through product manuals or a cursory review of the firmware\nbinaries. \n\n * The target service must be using with default loginLib library and\nmust not have changed the authentication function to point to a custom\nbackend. \n\nA typical VxWorks device will meet all three requirements by default,\nbut customization by the device manufacturer may preclude this from\nbeing exploited. In general, if the device displays a VxWorks banner for\nTelnet or FTP, it is more than likely vulnerable. \n\n-- Vendor Response:\nWind River Systems has notified their customers of the issue and\nsuggested that each downstream vendor replace the existing hash\nimplementation with SHA512 or SHA256. The exact extent of the\nvulnerability and the complete list of affected devices is not known at\nthis time. Example code from Wind River Systems has been supplied to\nCERT and is included in the advisory below:\n\n http://www.kb.cert.org/vuls/id/840249\n\n-- Disclosure Timeline:\n2009-06-02 - Vulnerability reported to CERT for vendor notification\n2009-08-02 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by HD Moore\n\n-- About Rapid7 Security\nRapid7 provides vulnerability management, compliance and penetration\ntesting solutions for Web application, network and database security. In\naddition to developing the NeXpose Vulnerability Management system,\nRapid7 manages the Metasploit Project and is the primary sponsor of the\nW3AF web assessment tool. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.rapid7.com/disclosure.jsp\n\n\n", sources: [ { db: "NVD", id: "CVE-2010-2967", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "CERT/CC", id: "VU#840249", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "BID", id: "42114", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "VULHUB", id: "VH-CVE-2010-2967", }, { db: "PACKETSTORM", id: "92449", }, ], trust: 4.41, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CERT/CC", id: "VU#840249", trust: 4.4, }, { db: "NVD", id: "CVE-2010-2967", trust: 3.5, }, { db: "CNNVD", id: "CNNVD-201008-031", trust: 1.1, }, { db: "CNVD", id: "CNVD-2010-3889", trust: 1, }, { db: "JVNDB", id: "JVNDB-2010-005614", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2010-001882", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-10-214-01", trust: 0.8, }, { db: "BID", id: "42114", trust: 0.3, }, { db: "IVD", id: "0183E958-2356-11E6-ABEF-000C29C66E3D", trust: 0.2, }, { db: "IVD", id: "7D753CB1-463F-11E9-876D-000C29342CB1", trust: 0.2, }, { db: "VULHUB", id: "VH-CVE-2010-2967", trust: 0.1, }, { db: "PACKETSTORM", id: "92449", trust: 0.1, }, ], sources: [ { db: "NVD", id: "CVE-2010-2967", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "BID", id: "42114", }, { db: "CERT/CC", id: "VU#840249", }, { db: "VULHUB", id: "VH-CVE-2010-2967", }, { db: "PACKETSTORM", id: "92449", }, ], }, id: "VAR-201008-0272", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "VULHUB", id: "VH-CVE-2010-2967", }, ], trust: 1.7928571500000001, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", "ICS", ], sub_category: null, trust: 0.6, }, { category: [ "ICS", ], sub_category: null, trust: 0.4, }, ], sources: [ { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNVD", id: "CNVD-2010-3889", }, ], }, last_update_date: "2021-12-18T15:57:33.115000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://www.windriver.com/", }, { title: "Top Page", trust: 0.8, url: "http://windriver.com/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-310", trust: 1.9, }, ], sources: [ { db: "NVD", id: "CVE-2010-2967", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "VULHUB", id: "VH-CVE-2010-2967", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.6, url: "http://www.kb.cert.org/vuls/id/840249", }, { trust: 2.6, url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { trust: 2.4, url: "http://www.kb.cert.org/vuls/id/mapg-863qh9", }, { trust: 2.4, url: "https://support.windriver.com/olsportal/faces/maintenance/downloaddetails.jspx?contentid=033709", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2967", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2967", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu840249", }, { trust: 0.8, url: "https://community.rapid7.com/community/metasploit/blog/2010/08/02/shiny-old-vxworks-vulnerabilities", }, { trust: 0.8, url: "http://www.us-cert.gov/control_systems/pdf/icsa-10-214-01_vxworks_vulnerabilities.pdf", }, { trust: 0.8, url: "http://blogs.windriver.com/chauhan/2010/08/vxworks-secure.html", }, { trust: 0.8, url: "http://newsoft-tech.blogspot.com/2010/09/follow-up-on-vxworks-issue.html", }, { trust: 0.8, url: "http://cvk.posterous.com/how-to-crack-vxworks-password-hashes", }, { trust: 0.8, url: "http://cwe.mitre.org/data/definitions/798.html", }, { trust: 0.8, url: "http://cwe.mitre.org/data/definitions/327.html", }, { trust: 0.8, url: "http://cwe.mitre.org/data/definitions/916.html", }, { trust: 0.3, url: "http://www.windriver.com/", }, { trust: 0.3, url: "/archive/1/512827", }, { trust: 0.3, url: "/archive/1/512842", }, { trust: 0.1, url: "http://www.rapid7.com/disclosure.jsp", }, ], sources: [ { db: "NVD", id: "CVE-2010-2967", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "BID", id: "42114", }, { db: "CERT/CC", id: "VU#840249", }, { db: "PACKETSTORM", id: "92449", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "NVD", id: "CVE-2010-2967", }, { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "CNVD", id: "CNVD-2010-3889", }, { db: "JVNDB", id: "JVNDB-2010-005614", }, { db: "JVNDB", id: "JVNDB-2010-001882", }, { db: "BID", id: "42114", }, { db: "CERT/CC", id: "VU#840249", }, { db: "VULHUB", id: "VH-CVE-2010-2967", }, { db: "PACKETSTORM", id: "92449", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-05T13:22:00", db: "NVD", id: "CVE-2010-2967", }, { date: "2010-08-05T00:00:00", db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { date: "2010-08-05T00:00:00", db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { date: "2010-08-05T00:00:00", db: "CNNVD", id: "CNNVD-201008-031", }, { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3889", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005614", }, { date: "2010-08-26T00:00:00", db: "JVNDB", id: "JVNDB-2010-001882", }, { date: "2010-08-02T00:00:00", db: "BID", id: "42114", }, { date: "2010-08-02T00:00:00", db: "CERT/CC", id: "VU#840249", }, { date: "2010-08-04T00:00:00", db: "VULHUB", id: "VH-CVE-2010-2967", }, { date: "2010-08-03T18:01:12", db: "PACKETSTORM", id: "92449", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-08-05T13:22:00", db: "NVD", id: "CVE-2010-2967", }, { date: null, db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { date: null, db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { date: "2010-08-06T00:00:00", db: "CNNVD", id: "CNNVD-201008-031", }, { date: "2010-08-05T00:00:00", db: "CNVD", id: "CNVD-2010-3889", }, { date: "2012-12-20T00:00:00", db: "JVNDB", id: "JVNDB-2010-005614", }, { date: "2010-08-26T00:00:00", db: "JVNDB", id: "JVNDB-2010-001882", }, { date: "2010-08-05T19:46:00", db: "BID", id: "42114", }, { date: "2014-06-02T00:00:00", db: "CERT/CC", id: "VU#840249", }, { date: "2020-11-04T00:00:00", db: "VULHUB", id: "VH-CVE-2010-2967", }, { date: null, db: "PACKETSTORM", id: "92449", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201008-031", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks loginDefaultEncrypt Algorithm encryption problem vulnerability", sources: [ { db: "IVD", id: "0183e958-2356-11e6-abef-000c29c66e3d", }, { db: "IVD", id: "7d753cb1-463f-11e9-876d-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201008-031", }, { db: "CNVD", id: "CNVD-2010-3889", }, ], trust: 1.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "encryption problem", sources: [ { db: "CNNVD", id: "CNNVD-201008-031", }, ], trust: 0.6, }, }
var-201908-0705
Vulnerability from variot
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. Wind River VxWorks Contains an argument insertion or modification vulnerability.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. A parameter injection vulnerability exists in Wind River Systems VxWorks. The vulnerability stems from the process of constructing command parameters from external input data. The network system or product does not properly filter the special characters in the parameters. An attacker could exploit the vulnerability to execute an illegal command
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0705", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ruggedcom win7200", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.9.3", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.9.4", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.5.01", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "05.3.06", }, { model: "ruggedcom win7018", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.8", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.2.04", }, { model: "ruggedcom win7000", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "6.6", }, { model: "ruggedcom win7025", scope: "lt", trust: 1, vendor: "siemens", version: "bs5.2.461.17", }, { model: "hirschmann hios", scope: "lte", trust: 1, vendor: "belden", version: "07.0.07", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "7.0", }, { model: "garrettcom magnum dx940e", scope: "lte", trust: 1, vendor: "belden", version: "1.0.1_y7", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.6", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.7", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.8", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.9.3", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "6.9.4", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "wind river", version: "7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.9", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.8", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.7", }, { model: "river systems wind river systems vxworks", scope: "eq", trust: 0.6, vendor: "wind", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.8", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9.3", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "6.9.4", }, { model: null, scope: "eq", trust: 0.2, vendor: "vxworks", version: "7", }, ], sources: [ { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { db: "CNVD", id: "CNVD-2019-25706", }, { db: "JVNDB", id: "JVNDB-2019-007544", }, { db: "NVD", id: "CVE-2019-12264", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:6.9.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.0.07", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.5.01", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "07.2.04", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "05.3.06", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.0.1_y7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "bs5.2.461.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-12264", }, ], }, cve: "CVE-2019-12264", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4.8, confidentialityImpact: "NONE", exploitabilityScore: 6.5, impactScore: 4.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Adjacent Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 4.8, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-12264", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 6.5, id: "CNVD-2019-25706", impactScore: 7.8, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 6.5, id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", impactScore: 7.8, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.2, vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:C", version: "2.9 [IVD]", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 2.8, impactScore: 4.2, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "High", baseScore: 7.1, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-12264", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-12264", trust: 1.8, value: "HIGH", }, { author: "CNVD", id: "CNVD-2019-25706", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201907-1490", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", trust: 0.2, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { db: "CNVD", id: "CNVD-2019-25706", }, { db: "JVNDB", id: "JVNDB-2019-007544", }, { db: "NVD", id: "CVE-2019-12264", }, { db: "CNNVD", id: "CNNVD-201907-1490", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. Wind River VxWorks Contains an argument insertion or modification vulnerability.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. A parameter injection vulnerability exists in Wind River Systems VxWorks. The vulnerability stems from the process of constructing command parameters from external input data. The network system or product does not properly filter the special characters in the parameters. An attacker could exploit the vulnerability to execute an illegal command", sources: [ { db: "NVD", id: "CVE-2019-12264", }, { db: "JVNDB", id: "JVNDB-2019-007544", }, { db: "CNVD", id: "CNVD-2019-25706", }, { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, ], trust: 2.34, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-12264", trust: 3.2, }, { db: "SIEMENS", id: "SSA-189842", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSMA-19-274-01", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-19-211-01", trust: 1.4, }, { db: "CNVD", id: "CNVD-2019-25706", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201907-1490", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007544", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.3695.5", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3245", trust: 0.6, }, { db: "AUSCERT", id: "ASB-2019.0224", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2856", trust: 0.6, }, { db: "IVD", id: "099DBD8C-FA3C-4762-AAC4-226D6F6B7C0E", trust: 0.2, }, ], sources: [ { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { db: "CNVD", id: "CNVD-2019-25706", }, { db: "JVNDB", id: "JVNDB-2019-007544", }, { db: "NVD", id: "CVE-2019-12264", }, { db: "CNNVD", id: "CNNVD-201907-1490", }, ], }, id: "VAR-201908-0705", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { db: "CNVD", id: "CNVD-2019-25706", }, ], trust: 1.28913044, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { db: "CNVD", id: "CNVD-2019-25706", }, ], }, last_update_date: "2023-12-18T11:51:07.451000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SECURITY VULNERABILITY RESPONSE INFORMATION", trust: 0.8, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { title: "CVE-2019-12264", trust: 0.8, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12264", }, { title: "Wind River Systems VxWorks Parameter Injection Vulnerability Patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/172955", }, { title: "Wind River Systems VxWorks Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95605", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25706", }, { db: "JVNDB", id: "JVNDB-2019-007544", }, { db: "CNNVD", id: "CNNVD-201907-1490", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-88", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-007544", }, { db: "NVD", id: "CVE-2019-12264", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { trust: 1.6, url: "https://support.f5.com/csp/article/k41190253", }, { trust: 1.6, url: "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03960en_us", }, { trust: 1.6, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2019-12264", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-211-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsa-19-274-01", }, { trust: 1.4, url: "https://www.us-cert.gov/ics/advisories/icsma-19-274-01", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-12264", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12264", }, { trust: 0.6, url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf", }, { trust: 0.6, url: "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-222", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3695.5/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2856/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/asb-2019.0224/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3245/", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25706", }, { db: "JVNDB", id: "JVNDB-2019-007544", }, { db: "NVD", id: "CVE-2019-12264", }, { db: "CNNVD", id: "CNNVD-201907-1490", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { db: "CNVD", id: "CNVD-2019-25706", }, { db: "JVNDB", id: "JVNDB-2019-007544", }, { db: "NVD", id: "CVE-2019-12264", }, { db: "CNNVD", id: "CNNVD-201907-1490", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25706", }, { date: "2019-08-14T00:00:00", db: "JVNDB", id: "JVNDB-2019-007544", }, { date: "2019-08-05T18:15:10.863000", db: "NVD", id: "CVE-2019-12264", }, { date: "2019-07-29T00:00:00", db: "CNNVD", id: "CNNVD-201907-1490", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-02T00:00:00", db: "CNVD", id: "CNVD-2019-25706", }, { date: "2019-10-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-007544", }, { date: "2022-06-16T18:10:52.543000", db: "NVD", id: "CVE-2019-12264", }, { date: "2021-09-08T00:00:00", db: "CNNVD", id: "CNNVD-201907-1490", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-201907-1490", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River Systems VxWorks Parameter injection vulnerability", sources: [ { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { db: "CNVD", id: "CNVD-2019-25706", }, { db: "CNNVD", id: "CNNVD-201907-1490", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Parameter injection", sources: [ { db: "IVD", id: "099dbd8c-fa3c-4762-aac4-226d6f6b7c0e", }, { db: "CNNVD", id: "CNNVD-201907-1490", }, ], trust: 0.8, }, }
var-202111-1496
Vulnerability from variot
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free. VxWorks contains a double free vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be in a state. Wind River VxWorks is an operating system of Wind River Company of the United States. The industry-leading real-time operating system for building embedded devices and systems. No detailed vulnerability details are currently provided
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1496", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "7.0", }, { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.9", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "6.9 to 7", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river vxworks", scope: "gte", trust: 0.6, vendor: "wind", version: "6.9,<=7.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-01699", }, { db: "JVNDB", id: "JVNDB-2021-015429", }, { db: "NVD", id: "CVE-2021-43268", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.0", versionStartIncluding: "6.9", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-43268", }, ], }, cve: "CVE-2021-43268", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 4.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 6.4, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2021-43268", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2022-01699", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 3.9, impactScore: 2.5, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "Low", baseScore: 6.5, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2021-43268", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-43268", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2022-01699", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202111-2086", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2022-01699", }, { db: "JVNDB", id: "JVNDB-2021-015429", }, { db: "NVD", id: "CVE-2021-43268", }, { db: "CNNVD", id: "CNNVD-202111-2086", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free. VxWorks contains a double free vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be in a state. Wind River VxWorks is an operating system of Wind River Company of the United States. The industry-leading real-time operating system for building embedded devices and systems. No detailed vulnerability details are currently provided", sources: [ { db: "NVD", id: "CVE-2021-43268", }, { db: "JVNDB", id: "JVNDB-2021-015429", }, { db: "CNVD", id: "CNVD-2022-01699", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-43268", trust: 3.8, }, { db: "JVNDB", id: "JVNDB-2021-015429", trust: 0.8, }, { db: "CNVD", id: "CNVD-2022-01699", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-2086", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-01699", }, { db: "JVNDB", id: "JVNDB-2021-015429", }, { db: "NVD", id: "CVE-2021-43268", }, { db: "CNNVD", id: "CNNVD-202111-2086", }, ], }, id: "VAR-202111-1496", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2022-01699", }, ], trust: 1.6, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-01699", }, ], }, last_update_date: "2023-12-18T11:56:58.265000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "CVE-2021-43268", trust: 0.8, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2021-43268", }, { title: "Patch for Wind River VxWorks Resource Management Error Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/312121", }, { title: "Wind River VxWorks Remediation of resource management error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=171991", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-01699", }, { db: "JVNDB", id: "JVNDB-2021-015429", }, { db: "CNNVD", id: "CNNVD-202111-2086", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-415", trust: 1, }, { problemtype: "Double release (CWE-415) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-015429", }, { db: "NVD", id: "CVE-2021-43268", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-43268", }, { trust: 1.6, url: "https://support2.windriver.com/index.php?page=cve&on=view&id=cve-2021-43268", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/vxworks-double-free-via-ike-component-36968", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-01699", }, { db: "JVNDB", id: "JVNDB-2021-015429", }, { db: "NVD", id: "CVE-2021-43268", }, { db: "CNNVD", id: "CNNVD-202111-2086", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2022-01699", }, { db: "JVNDB", id: "JVNDB-2021-015429", }, { db: "NVD", id: "CVE-2021-43268", }, { db: "CNNVD", id: "CNNVD-202111-2086", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-31T00:00:00", db: "CNVD", id: "CNVD-2022-01699", }, { date: "2022-11-21T00:00:00", db: "JVNDB", id: "JVNDB-2021-015429", }, { date: "2021-11-24T17:15:08.030000", db: "NVD", id: "CVE-2021-43268", }, { date: "2021-11-24T00:00:00", db: "CNNVD", id: "CNNVD-202111-2086", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-26T00:00:00", db: "CNVD", id: "CNVD-2022-01699", }, { date: "2022-11-21T05:47:00", db: "JVNDB", id: "JVNDB-2021-015429", }, { date: "2021-12-01T14:07:01.483000", db: "NVD", id: "CVE-2021-43268", }, { date: "2021-12-07T00:00:00", db: "CNNVD", id: "CNNVD-202111-2086", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-2086", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Resource Management Error Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2022-01699", }, { db: "CNNVD", id: "CNNVD-202111-2086", }, ], trust: 1.2, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "resource management error", sources: [ { db: "CNNVD", id: "CNNVD-202111-2086", }, ], trust: 0.6, }, }
var-200810-0004
Vulnerability from variot
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB). A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. This false information can modify the Forward Information Base (FIB). Operating systems affected by the vulnerability: Wind River Systems VxWorks 6.4 Wind River Systems VxWorks 5 OpenBSD OpenBSD 4.4 OpenBSD OpenBSD 4.3 OpenBSD OpenBSD 4.2 NetBSD NetBSD 3.0.2 NetBSD NetBSD 3.0.1 NetBSD NetBSD Current NetBSD NetBSD 4.0 NetBSD NetBSD 3.1_RC3 NetBSD NetBSD 3.1 NetBSD NetBSD 3.1 NetBSD NetBSD 3,1_RC1 Navision Financials Server 3.0 MidnightBSD MidnightBSD 0.2.1 MidnightBSD MidnightBSD 0.1.1 MidnightBSD MidnightBSD 0.3 MidnightBSD MidnightBSD 0.1 Juniper Networks WXC Series 0 Juniper Networks WX Series 0 Juniper Networks Session and Resource Control Appliance 2.0 Juniper Networks Session and Resource Control Appliance 1. ----------------------------------------------------------------------
Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list?
Click here to learn more: http://secunia.com/advisories/business_solutions/
TITLE: HP-UX IPv6 Neighbor Discovery Protocol Neighbor Solicitation Vulnerability
SECUNIA ADVISORY ID: SA33787
VERIFY ADVISORY: http://secunia.com/advisories/33787/
CRITICAL: Less critical
IMPACT: Spoofing, Exposure of sensitive information, DoS
WHERE:
From local network
OPERATING SYSTEM: HP-UX 11.x http://secunia.com/advisories/product/138/
DESCRIPTION: A vulnerability has been reported in HP-UX, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, or to cause a DoS (Denial of Service).
This is related to: SA32112
The vulnerability is reported in HP-UX B.11.11, B.11.23, and B.11.31 running IPv6.
SOLUTION: Apply patches.
HP-UX B.11.11: Install patch PHNE_37898 or subsequent.
HP-UX B.11.23: Install patch PHNE_37897 or subsequent.
HP-UX B.11.31: Install patch PHNE_38680 or subsequent.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: HPSBUX02407 SSRT080107: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662367
OTHER REFERENCES: SA32112: http://secunia.com/advisories/32112/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Vendor affected: TP-Link (http://tp-link.com)
Products affected: * All TP-Link VxWorks-based devices (confirmed by vendor) * All "2-series" switches (confirmed by vendor) * TL-SG2008 semi-managed switch (confirmed by vendor) * TL-SG2216 semi-managed switch (confirmed by vendor) * TL-SG2424 semi-managed switch (confirmed by vendor) * TL-SG2424P semi-managed switch (confirmed by vendor) * TL-SG2452 semi-managed switch (confirmed by vendor)
Vulnerabilities: * All previously-reported VxWorks vulnerabilities from 6.6.0 on; at the very least: * CVE-2013-0716 (confirmed by vendor) * CVE-2013-0715 (confirmed by vendor) * CVE-2013-0714 (confirmed by vendor) * CVE-2013-0713 (confirmed by vendor) * CVE-2013-0712 (confirmed by vendor) * CVE-2013-0711 (confirmed by vendor) * CVE-2010-2967 (confirmed by vendor) * CVE-2010-2966 (confirmed by vendor) * CVE-2008-2476 (confirmed by vendor) * SSLv2 is available and cannot be disabled unless HTTPS is completely disabled (allows downgrade attacks) (confirmed by vendor) * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot be disabled (allows downgrade attacks) (confirmed by vendor)
Design flaws: * Telnet is available and cannot be disabled (confirmed by vendor) * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)
Vendor response: TP-Link are not convinced that these flaws should be repaired.
TP-Link's Internet presence -- or at least DNS -- is available only intermittently. Most emails bounced. Lost contact with vendor, but did confirm that development lead is now on holiday and will not return for at least a week.
Initial vendor reaction was to recommend purchase of "3-series" switches. Vendor did not offer reasons why "3-series" switches would be more secure, apart from lack of telnet service. Vendor confirmed that no development time can be allocated to securing "2-series" product and all focus has shifted to newer products.
(TL-SG2008 first product availability July 2014...)
Vendor deeply confused about security of DES/3DES, MD5, claimed that all security is relative. ("...[E]ven SHA-1 can be cracked, they just have different security level.")
Fix availability: None.
Work-arounds advised: None possible. Remove products from network. Corrected: 2008-10-01 00:32:59 UTC (RELENG_7, 7.1-PRERELEASE) 2008-10-01 00:32:59 UTC (RELENG_7_0, 7.0-RELEASE-p5) 2008-10-01 00:32:59 UTC (RELENG_6, 6.4-PRERELEASE) 2008-10-01 00:32:59 UTC (RELENG_6_3, 6.3-RELEASE-p5) CVE Name: CVE-2008-2476
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
IPv6 nodes use the Neighbor Discovery protocol to determine the link-layer address of other nodes, find routers, and maintain reachability information. The Neighbor Discovery protocol uses Neighbor Solicitation (ICMPv6 type 135) to query target nodes for their link-layer addresses.
II. Problem Description
IPv6 routers may allow "on-link" IPv6 nodes to create and update the router's neighbor cache and forwarding information. A malicious IPv6 node sharing a common router but on a different physical segment from another node may be able to spoof Neighbor Discovery messages, allowing it to update router information for the victim node.
III. Impact
An attacker on a different physical network connected to the same IPv6 router as another node could redirect IPv6 traffic intended for that node.
IV. Workaround
Firewall packet filters can be used to filter incoming Neighbor Solicitation messages but may interfere with normal IPv6 operation if not configured carefully.
Reverse path forwarding checks could be used to make gateways, such as routers or firewalls, drop Neighbor Solicitation messages from nodes with unexpected source addresses on a particular interface.
V. Solution
NOTE WELL: The solution described below causes IPv6 Neighbor Discovery Neighbor Solicitation messages from non-neighbors to be ignored. This can be re-enabled if required by setting the newly added net.inet6.icmp6.nd6_onlink_ns_rfc4861 sysctl to a non-zero value.
Perform one of the following:
1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the RELENG_7_0, or RELENG_6_3 security branch dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 6.3 and 7.0 systems.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 6.3]
fetch http://security.FreeBSD.org/patches/SA-08:10/nd6-6.patch
fetch http://security.FreeBSD.org/patches/SA-08:10/nd6-6.patch.asc
[FreeBSD 7.0]
fetch http://security.FreeBSD.org/patches/SA-08:10/nd6-7.patch
fetch http://security.FreeBSD.org/patches/SA-08:10/nd6-7.patch.asc
b) Apply the patch.
cd /usr/src
patch < /path/to/patch
c) Recompile your kernel as described in and reboot the system.
VI. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
Branch Revision Path
RELENG_6 src/sys/netinet6/in6.h 1.36.2.10 src/sys/netinet6/in6_proto.c 1.32.2.10 src/sys/netinet6/nd6.h 1.19.2.4 src/sys/netinet6/nd6_nbr.c 1.29.2.11 RELENG_6_3 src/UPDATING 1.416.2.37.2.10 src/sys/conf/newvers.sh 1.69.2.15.2.9 src/sys/netinet6/in6.h 1.36.2.8.2.1 src/sys/netinet6/in6_proto.c 1.32.2.8.2.1 src/sys/netinet6/nd6.h 1.19.2.2.6.1 src/sys/netinet6/nd6_nbr.c 1.29.2.9.2.1 RELENG_7 src/sys/netinet6/in6.h 1.51.2.2 src/sys/netinet6/in6_proto.c 1.46.2.3 src/sys/netinet6/nd6.h 1.21.2.2 src/sys/netinet6/nd6_nbr.c 1.47.2.3 RELENG_7_0 src/UPDATING 1.507.2.3.2.9 src/sys/conf/newvers.sh 1.72.2.5.2.9 src/sys/netinet6/in6.h 1.51.4.1 src/sys/netinet6/in6_proto.c 1.46.4.1 src/sys/netinet6/nd6.h 1.21.4.1 src/sys/netinet6/nd6_nbr.c 1.47.4.1
VII. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01662367 Version: 1
HPSBUX02407 SSRT080107 rev.1 - HP-UX Running IPv6, Remote Denial of Service (DoS) and Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-02-02 Last Updated: 2009-02-02
Potential Security Impact: Remote Denial of Service (DoS) and unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running IPv6. This vulnerability could be exploited remotely resulting in a Denial of Service (DoS) and unauthorized access.
References: CVE-2008-2476, CVE-2008-4404
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running IPv6
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2008-2476 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2008-4404 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has provided the following software patches to resolve the vulnerabilities.
The patches are available for download from: http://itrc.hp.com
HP-UX Release - B.11.11 (11i v1) Patch ID - PHNE_37898
HP-UX Release - B.11.23 (11i v2) Patch ID - PHNE_37897
HP-UX Release - B.11.31 (11i v3) Patch ID - PHNE_38680
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
Networking.NET-KRN Networking.NET-PRG Networking.NET-RUN Networking.NET-RUN-64 OS-Core.CORE-KRN ProgSupport.C-INC Networking.NET2-KRN Networking.NMS2-KRN OS-Core.CORE2-KRN OS-Core.SYS-ADMIN Networking.NET2-KRN Networking.NMS2-KRN OS-Core.CORE2-KRN OS-Core.SYS-ADMIN action: install patch PHNE_37898 or subsequent URL: http://itrc.hp.com
HP-UX B.11.23
Networking.NET-PRG Networking.NET-RUN ProgSupport.C-INC Networking.NET-RUN-64 Networking.NET2-KRN Networking.NET2-RUN Networking.NMS2-KRN OS-Core.CORE2-KRN OS-Core.SYS2-ADMIN Networking.NET-RUN-64 Networking.NET2-KRN Networking.NET2-RUN Networking.NMS2-KRN OS-Core.CORE2-KRN OS-Core.SYS2-ADMIN action: install patch PHNE_37897 or subsequent URL: http://itrc.hp.com
HP-UX B.11.31
Networking.NET-RUN ProgSupport.C-INC Networking.NET-RUN-64 Networking.NET2-KRN Networking.NET2-RUN Networking.NMS2-KRN OS-Core.CORE2-KRN OS-Core.SYS2-ADMIN Networking.NET-RUN-64 Networking.NET2-KRN Networking.NET2-RUN Networking.NMS2-KRN OS-Core.CORE2-KRN OS-Core.SYS2-ADMIN action: install patch PHNE_38680 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 2 February 2009 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSYdFsuAfOvwtKn1ZEQK0VACeIKetdQfBDsssaZYXnerHz8AEwzEAn2iy saLPK+/sw3/02JA+b0HuzPfv =HTAW -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200810-0004", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "freebsd", scope: "eq", trust: 1.9, vendor: "freebsd", version: "6.3", }, { model: "freebsd", scope: "eq", trust: 1.6, vendor: "freebsd", version: "7.1", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "4.3", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "4.2", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "6.4", }, { model: "netbsd", scope: "eq", trust: 1, vendor: "netbsd", version: "*", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "5.5", }, { model: "jnos", scope: "eq", trust: 1, vendor: "juniper", version: "*", }, { model: "ftos", scope: "eq", trust: 1, vendor: "force10", version: "*", }, { model: "vxworks", scope: "eq", trust: 1, vendor: "windriver", version: "5", }, { model: null, scope: null, trust: 0.8, vendor: "apple computer", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "extreme", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "force10", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "freebsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ibm zseries", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "juniper", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "netbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "wind river", version: null, }, { model: "airmac express", scope: null, trust: 0.8, vendor: "apple", version: null, }, { model: "airmac extreme", scope: null, trust: 0.8, vendor: "apple", version: null, }, { model: "time capsule", scope: null, trust: 0.8, vendor: "apple", version: null, }, { model: "ax2000r series", scope: null, trust: 0.8, vendor: "alaxala", version: null, }, { model: "ax3600s series", scope: null, trust: 0.8, vendor: "alaxala", version: null, }, { model: "ax5400s series", scope: null, trust: 0.8, vendor: "alaxala", version: null, }, { model: "ax6300s series", scope: null, trust: 0.8, vendor: "alaxala", version: null, }, { model: "ax6700s series", scope: null, trust: 0.8, vendor: "alaxala", version: null, }, { model: "ax7700r series", scope: null, trust: 0.8, vendor: "alaxala", version: null, }, { model: "ax7800r series", scope: null, trust: 0.8, vendor: "alaxala", version: null, }, { model: "ax7800s series", scope: null, trust: 0.8, vendor: "alaxala", version: null, }, { model: "seil/neu", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "128 2.45", }, { model: "seil/neu", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "2fe plus 1.94", }, { model: "seil/turbo", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "1.94", }, { model: "seil/x1,x2", scope: "eq", trust: 0.8, vendor: "internet initiative", version: "1.32", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "11.11", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "11.23", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "11.31", }, { model: "fitelnet-f series", scope: "eq", trust: 0.8, vendor: "furukawa electric", version: "fitelnet-f80/f100/f120/f140/f1000/f2000/f3000", }, { model: "ip8800/s,/r", scope: null, trust: 0.8, vendor: "nec", version: null, }, { model: "gr2000", scope: "eq", trust: 0.8, vendor: "hitachi", version: "none", }, { model: "gr2000", scope: "eq", trust: 0.8, vendor: "hitachi", version: "(b_model)", }, { model: "gr4000", scope: null, trust: 0.8, vendor: "hitachi", version: null, }, { model: "gs3000", scope: null, trust: 0.8, vendor: "hitachi", version: null, }, { model: "gs4000", scope: null, trust: 0.8, vendor: "hitachi", version: null, }, { model: "ipcom series", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "switch sr-s series", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "router si-r series", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "river systems vxworks", scope: "eq", trust: 0.3, vendor: "wind", version: "6.4", }, { model: "river systems vxworks", scope: "eq", trust: 0.3, vendor: "wind", version: "5", }, { model: "openbsd", scope: "eq", trust: 0.3, vendor: "openbsd", version: "4.4", }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "3.0.2", }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "3.0.1", }, { model: "current", scope: null, trust: 0.3, vendor: "netbsd", version: null, }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "4.0", }, { model: "3.1 rc3", scope: null, trust: 0.3, vendor: "netbsd", version: null, }, { model: "netbsd", scope: "eq", trust: 0.3, vendor: "netbsd", version: "3.1", }, { model: "3,1 rc1", scope: null, trust: 0.3, vendor: "netbsd", version: null, }, { model: "financials server", scope: "eq", trust: 0.3, vendor: "navision", version: "3.0", }, { model: "midnightbsd", scope: "eq", trust: 0.3, vendor: "midnightbsd", version: "0.2.1", }, { model: "midnightbsd", scope: "eq", trust: 0.3, vendor: "midnightbsd", version: "0.1.1", }, { model: "midnightbsd", scope: "eq", trust: 0.3, vendor: "midnightbsd", version: "0.3", }, { model: "midnightbsd", scope: "eq", trust: 0.3, vendor: "midnightbsd", version: "0.1", }, { model: "networks wxc series", scope: "eq", trust: 0.3, vendor: "juniper", version: "0", }, { model: "networks wx series", scope: "eq", trust: 0.3, vendor: "juniper", version: "0", }, { model: "networks session and resource control appliance", scope: "eq", trust: 0.3, vendor: "juniper", version: "2.0", }, { model: "networks session and resource control appliance", scope: "eq", trust: 0.3, vendor: "juniper", version: "1.0", }, { model: "networks secure access", scope: "eq", trust: 0.3, vendor: "juniper", version: "7000", }, { model: "networks secure access sp", scope: "eq", trust: 0.3, vendor: "juniper", version: "60006000", }, { model: "networks secure access", scope: "eq", trust: 0.3, vendor: "juniper", version: "600050000", }, { model: "networks secure access", scope: "eq", trust: 0.3, vendor: "juniper", version: "400030000", }, { model: "networks secure access", scope: "eq", trust: 0.3, vendor: "juniper", version: "20000", }, { model: "networks ive os", scope: "eq", trust: 0.3, vendor: "juniper", version: "6.0", }, { model: "networks ive os", scope: "eq", trust: 0.3, vendor: "juniper", version: "5.0", }, { model: "networks ive os", scope: "eq", trust: 0.3, vendor: "juniper", version: "4.0", }, { model: "networks ive os", scope: "eq", trust: 0.3, vendor: "juniper", version: "3.0", }, { model: "networks ive os", scope: "eq", trust: 0.3, vendor: "juniper", version: "2.0", }, { model: "networks ive os", scope: "eq", trust: 0.3, vendor: "juniper", version: "1.0", }, { model: "networks infranet controller", scope: "eq", trust: 0.3, vendor: "juniper", version: "6000", }, { model: "networks infranet controller", scope: "eq", trust: 0.3, vendor: "juniper", version: "4000", }, { model: "networks idp", scope: "eq", trust: 0.3, vendor: "juniper", version: "4.0", }, { model: "networks dxos", scope: "eq", trust: 0.3, vendor: "juniper", version: "5.0", }, { model: "z/os", scope: null, trust: 0.3, vendor: "ibm", version: null, }, { model: "hp-ux b.11.31", scope: null, trust: 0.3, vendor: "hp", version: null, }, { model: "hp-ux b.11.23", scope: null, trust: 0.3, vendor: "hp", version: null, }, { model: "hp-ux b.11.11", scope: null, trust: 0.3, vendor: "hp", version: null, }, { model: "hp-ux 11i", scope: "eq", trust: 0.3, vendor: "hp", version: "v3", }, { model: "hp-ux 11i", scope: "eq", trust: 0.3, vendor: "hp", version: "v2", }, { model: "hp-ux 11i", scope: "eq", trust: 0.3, vendor: "hp", version: "v1", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.0.x", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.0", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.0", }, { model: "-release-p1", scope: "eq", trust: 0.3, vendor: "freebsd", version: "7.1", }, { model: "7.0-stable", scope: null, trust: 0.3, vendor: "freebsd", version: null, }, { model: "7.0-release", scope: null, trust: 0.3, vendor: "freebsd", version: null, }, { model: "beta4", scope: "eq", trust: 0.3, vendor: "freebsd", version: "7.0", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "7.0", }, { model: "-prerelease", scope: "eq", trust: 0.3, vendor: "freebsd", version: "7.0", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "7.0", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.3", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.2", }, { model: "-releng", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.2", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.2", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.1", }, { model: "-release-p10", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.1", }, { model: "-release-p5", scope: "eq", trust: 0.3, vendor: "freebsd", version: "6.0", }, { model: "networks ftos", scope: "eq", trust: 0.3, vendor: "force10", version: "7.7.11", }, { model: "proactive contact", scope: "eq", trust: 0.3, vendor: "avaya", version: "3.0", }, { model: "airport extreme base station", scope: "eq", trust: 0.3, vendor: "apple", version: "0", }, { model: "airport express", scope: "eq", trust: 0.3, vendor: "apple", version: "6.3", }, { model: "airport express", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1", }, { model: "airport base station", scope: null, trust: 0.3, vendor: "apple", version: null, }, { model: "time capsule", scope: "ne", trust: 0.3, vendor: "apple", version: "7.4.1", }, { model: "airport extreme base station with 802.11n", scope: "ne", trust: 0.3, vendor: "apple", version: "7.4.1", }, { model: "airport express base station with 802.11n", scope: "ne", trust: 0.3, vendor: "apple", version: "7.4.1", }, ], sources: [ { db: "CERT/CC", id: "VU#472363", }, { db: "BID", id: "31529", }, { db: "JVNDB", id: "JVNDB-2008-001801", }, { db: "CNNVD", id: "CNNVD-200810-024", }, { db: "NVD", id: "CVE-2008-2476", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:force10:ftos:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:juniper:jnos:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.4", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2008-2476", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "David Miles reported this issue.", sources: [ { db: "BID", id: "31529", }, { db: "CNNVD", id: "CNNVD-200810-024", }, ], trust: 0.9, }, cve: "CVE-2008-2476", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 9.3, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2008-2476", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, id: "VHN-32601", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2008-2476", trust: 1.8, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#472363", trust: 0.8, value: "2.70", }, { author: "CNNVD", id: "CNNVD-200810-024", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-32601", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#472363", }, { db: "VULHUB", id: "VHN-32601", }, { db: "JVNDB", id: "JVNDB-2008-001801", }, { db: "CNNVD", id: "CNNVD-200810-024", }, { db: "NVD", id: "CVE-2008-2476", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB). A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. This false information can modify the Forward Information Base (FIB). Operating systems affected by the vulnerability: Wind River Systems VxWorks 6.4 Wind River Systems VxWorks 5 OpenBSD OpenBSD 4.4 OpenBSD OpenBSD 4.3 OpenBSD OpenBSD 4.2 NetBSD NetBSD 3.0.2 NetBSD NetBSD 3.0.1 NetBSD NetBSD Current NetBSD NetBSD 4.0 NetBSD NetBSD 3.1_RC3 NetBSD NetBSD 3.1 NetBSD NetBSD 3.1 NetBSD NetBSD 3,1_RC1 Navision Financials Server 3.0 MidnightBSD MidnightBSD 0.2.1 MidnightBSD MidnightBSD 0.1.1 MidnightBSD MidnightBSD 0.3 MidnightBSD MidnightBSD 0.1 Juniper Networks WXC Series 0 Juniper Networks WX Series 0 Juniper Networks Session and Resource Control Appliance 2.0 Juniper Networks Session and Resource Control Appliance 1. ----------------------------------------------------------------------\n\nDid you know that a change in our assessment rating, exploit code\navailability, or if an updated patch is released by the vendor, is\nnot part of this mailing-list?\n\nClick here to learn more:\nhttp://secunia.com/advisories/business_solutions/\n\n----------------------------------------------------------------------\n\nTITLE:\nHP-UX IPv6 Neighbor Discovery Protocol Neighbor Solicitation\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA33787\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/33787/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSpoofing, Exposure of sensitive information, DoS\n\nWHERE:\n>From local network\n\nOPERATING SYSTEM:\nHP-UX 11.x\nhttp://secunia.com/advisories/product/138/\n\nDESCRIPTION:\nA vulnerability has been reported in HP-UX, which can be exploited by\nmalicious people to conduct spoofing attacks, disclose potentially\nsensitive information, or to cause a DoS (Denial of Service). \n\nThis is related to:\nSA32112\n\nThe vulnerability is reported in HP-UX B.11.11, B.11.23, and B.11.31\nrunning IPv6. \n\nSOLUTION:\nApply patches. \n\nHP-UX B.11.11:\nInstall patch PHNE_37898 or subsequent. \n\nHP-UX B.11.23:\nInstall patch PHNE_37897 or subsequent. \n\nHP-UX B.11.31:\nInstall patch PHNE_38680 or subsequent. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nHPSBUX02407 SSRT080107:\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662367\n\nOTHER REFERENCES:\nSA32112:\nhttp://secunia.com/advisories/32112/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Vendor affected: TP-Link (http://tp-link.com)\n\nProducts affected:\n * All TP-Link VxWorks-based devices (confirmed by vendor)\n * All \"2-series\" switches (confirmed by vendor)\n * TL-SG2008 semi-managed switch (confirmed by vendor)\n * TL-SG2216 semi-managed switch (confirmed by vendor)\n * TL-SG2424 semi-managed switch (confirmed by vendor)\n * TL-SG2424P semi-managed switch (confirmed by vendor)\n * TL-SG2452 semi-managed switch (confirmed by vendor)\n\nVulnerabilities:\n * All previously-reported VxWorks vulnerabilities from 6.6.0 on;\n at the very least:\n * CVE-2013-0716 (confirmed by vendor)\n * CVE-2013-0715 (confirmed by vendor)\n * CVE-2013-0714 (confirmed by vendor)\n * CVE-2013-0713 (confirmed by vendor)\n * CVE-2013-0712 (confirmed by vendor)\n * CVE-2013-0711 (confirmed by vendor)\n * CVE-2010-2967 (confirmed by vendor)\n * CVE-2010-2966 (confirmed by vendor)\n * CVE-2008-2476 (confirmed by vendor)\n * SSLv2 is available and cannot be disabled unless HTTPS is\n completely disabled (allows downgrade attacks)\n (confirmed by vendor)\n * SSL (v2, v3) offers insecure cipher suites and HMACs which cannot\n be disabled (allows downgrade attacks)\n (confirmed by vendor)\n\nDesign flaws:\n * Telnet is available and cannot be disabled (confirmed by vendor)\n * SSHv1 enabled by default if SSH is enabled (confirmed by vendor)\n\nVendor response:\n TP-Link are not convinced that these flaws should be repaired. \n\n TP-Link's Internet presence -- or at least DNS -- is available only\n intermittently. Most emails bounced. Lost contact with vendor, but\n did confirm that development lead is now on holiday and will not\n return for at least a week. \n\n Initial vendor reaction was to recommend purchase of \"3-series\"\n switches. Vendor did not offer reasons why \"3-series\" switches would\n be more secure, apart from lack of telnet service. Vendor confirmed\n that no development time can be allocated to securing \"2-series\"\n product and all focus has shifted to newer products. \n\n (TL-SG2008 first product availability July 2014...)\n\n Vendor deeply confused about security of DES/3DES, MD5, claimed that\n all security is relative. (\"...[E]ven SHA-1 can be cracked, they just\n have different security level.\")\n\nFix availability:\n None. \n\nWork-arounds advised:\n None possible. Remove products from network. \nCorrected: 2008-10-01 00:32:59 UTC (RELENG_7, 7.1-PRERELEASE)\n 2008-10-01 00:32:59 UTC (RELENG_7_0, 7.0-RELEASE-p5)\n 2008-10-01 00:32:59 UTC (RELENG_6, 6.4-PRERELEASE)\n 2008-10-01 00:32:59 UTC (RELENG_6_3, 6.3-RELEASE-p5)\nCVE Name: CVE-2008-2476\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit <URL:http://security.FreeBSD.org/>. \n\nI. Background\n\nIPv6 nodes use the Neighbor Discovery protocol to determine the link-layer\naddress of other nodes, find routers, and maintain reachability information. \nThe Neighbor Discovery protocol uses Neighbor Solicitation (ICMPv6 type 135)\nto query target nodes for their link-layer addresses. \n\nII. Problem Description\n\nIPv6 routers may allow \"on-link\" IPv6 nodes to create and update the\nrouter's neighbor cache and forwarding information. A malicious IPv6 node\nsharing a common router but on a different physical segment from another\nnode may be able to spoof Neighbor Discovery messages, allowing it to update\nrouter information for the victim node. \n\nIII. Impact\n\nAn attacker on a different physical network connected to the same IPv6\nrouter as another node could redirect IPv6 traffic intended for that node. \n\nIV. Workaround\n\nFirewall packet filters can be used to filter incoming Neighbor\nSolicitation messages but may interfere with normal IPv6 operation if not\nconfigured carefully. \n\nReverse path forwarding checks could be used to make gateways, such as\nrouters or firewalls, drop Neighbor Solicitation messages from\nnodes with unexpected source addresses on a particular interface. \n\nV. Solution\n\nNOTE WELL: The solution described below causes IPv6 Neighbor Discovery\nNeighbor Solicitation messages from non-neighbors to be ignored. \nThis can be re-enabled if required by setting the newly added\nnet.inet6.icmp6.nd6_onlink_ns_rfc4861 sysctl to a non-zero value. \n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the\nRELENG_7_0, or RELENG_6_3 security branch dated after the correction\ndate. \n\n2) To patch your present system:\n\nThe following patches have been verified to apply to FreeBSD 6.3 and\n7.0 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 6.3]\n# fetch http://security.FreeBSD.org/patches/SA-08:10/nd6-6.patch\n# fetch http://security.FreeBSD.org/patches/SA-08:10/nd6-6.patch.asc\n\n[FreeBSD 7.0]\n# fetch http://security.FreeBSD.org/patches/SA-08:10/nd6-7.patch\n# fetch http://security.FreeBSD.org/patches/SA-08:10/nd6-7.patch.asc\n\nb) Apply the patch. \n\n# cd /usr/src\n# patch < /path/to/patch\n\nc) Recompile your kernel as described in\n<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the\nsystem. \n\nVI. Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch Revision\n Path\n- -------------------------------------------------------------------------\nRELENG_6\n src/sys/netinet6/in6.h 1.36.2.10\n src/sys/netinet6/in6_proto.c 1.32.2.10\n src/sys/netinet6/nd6.h 1.19.2.4\n src/sys/netinet6/nd6_nbr.c 1.29.2.11\nRELENG_6_3\n src/UPDATING 1.416.2.37.2.10\n src/sys/conf/newvers.sh 1.69.2.15.2.9\n src/sys/netinet6/in6.h 1.36.2.8.2.1\n src/sys/netinet6/in6_proto.c 1.32.2.8.2.1\n src/sys/netinet6/nd6.h 1.19.2.2.6.1\n src/sys/netinet6/nd6_nbr.c 1.29.2.9.2.1\nRELENG_7\n src/sys/netinet6/in6.h 1.51.2.2\n src/sys/netinet6/in6_proto.c 1.46.2.3\n src/sys/netinet6/nd6.h 1.21.2.2\n src/sys/netinet6/nd6_nbr.c 1.47.2.3\nRELENG_7_0\n src/UPDATING 1.507.2.3.2.9\n src/sys/conf/newvers.sh 1.72.2.5.2.9\n src/sys/netinet6/in6.h 1.51.4.1\n src/sys/netinet6/in6_proto.c 1.46.4.1\n src/sys/netinet6/nd6.h 1.21.4.1\n src/sys/netinet6/nd6_nbr.c 1.47.4.1\n- -------------------------------------------------------------------------\n\nVII. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01662367\nVersion: 1\n\nHPSBUX02407 SSRT080107 rev.1 - HP-UX Running IPv6, Remote Denial of Service (DoS) and Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2009-02-02\nLast Updated: 2009-02-02\n\nPotential Security Impact: Remote Denial of Service (DoS) and unauthorized access\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running IPv6. This vulnerability could be exploited remotely resulting in a Denial of Service (DoS) and unauthorized access. \n\nReferences: CVE-2008-2476, CVE-2008-4404\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running IPv6\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2008-2476 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2008-4404 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n \nRESOLUTION\n\nHP has provided the following software patches to resolve the vulnerabilities. \n\nThe patches are available for download from: http://itrc.hp.com \n \nHP-UX Release - B.11.11 (11i v1)\nPatch ID - PHNE_37898\n \nHP-UX Release - B.11.23 (11i v2)\nPatch ID - PHNE_37897\n \nHP-UX Release - B.11.31 (11i v3)\nPatch ID - PHNE_38680\n\nMANUAL ACTIONS: No \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS \n\nHP-UX B.11.11 \n============= \nNetworking.NET-KRN \nNetworking.NET-PRG \nNetworking.NET-RUN \nNetworking.NET-RUN-64 \nOS-Core.CORE-KRN \nProgSupport.C-INC \nNetworking.NET2-KRN \nNetworking.NMS2-KRN \nOS-Core.CORE2-KRN \nOS-Core.SYS-ADMIN \nNetworking.NET2-KRN \nNetworking.NMS2-KRN \nOS-Core.CORE2-KRN \nOS-Core.SYS-ADMIN \naction: install patch PHNE_37898 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 \n============= \nNetworking.NET-PRG \nNetworking.NET-RUN \nProgSupport.C-INC \nNetworking.NET-RUN-64 \nNetworking.NET2-KRN \nNetworking.NET2-RUN \nNetworking.NMS2-KRN \nOS-Core.CORE2-KRN \nOS-Core.SYS2-ADMIN \nNetworking.NET-RUN-64 \nNetworking.NET2-KRN \nNetworking.NET2-RUN \nNetworking.NMS2-KRN \nOS-Core.CORE2-KRN \nOS-Core.SYS2-ADMIN \naction: install patch PHNE_37897 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.31 \n============= \nNetworking.NET-RUN \nProgSupport.C-INC \nNetworking.NET-RUN-64 \nNetworking.NET2-KRN \nNetworking.NET2-RUN \nNetworking.NMS2-KRN \nOS-Core.CORE2-KRN \nOS-Core.SYS2-ADMIN \nNetworking.NET-RUN-64 \nNetworking.NET2-KRN \nNetworking.NET2-RUN \nNetworking.NMS2-KRN \nOS-Core.CORE2-KRN \nOS-Core.SYS2-ADMIN \naction: install patch PHNE_38680 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS \n\nHISTORY \nVersion:1 (rev.1) - 2 February 2009 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. \n\n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber's choice for Business: sign-in. \nOn the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing & Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2009 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSYdFsuAfOvwtKn1ZEQK0VACeIKetdQfBDsssaZYXnerHz8AEwzEAn2iy\nsaLPK+/sw3/02JA+b0HuzPfv\n=HTAW\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2008-2476", }, { db: "CERT/CC", id: "VU#472363", }, { db: "JVNDB", id: "JVNDB-2008-001801", }, { db: "BID", id: "31529", }, { db: "VULHUB", id: "VHN-32601", }, { db: "PACKETSTORM", id: "74623", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "70564", }, { db: "PACKETSTORM", id: "74584", }, ], trust: 3.06, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-32601", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-32601", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "CERT/CC", id: "VU#472363", trust: 3.7, }, { db: "NVD", id: "CVE-2008-2476", trust: 3.1, }, { db: "BID", id: "31529", trust: 2.8, }, { db: "SECUNIA", id: "32116", trust: 1.7, }, { db: "SECUNIA", id: "32406", trust: 1.7, }, { db: "SECUNIA", id: "32117", trust: 1.7, }, { db: "SECUNIA", id: "32112", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-2752", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-2750", trust: 1.7, }, { db: "VUPEN", id: "ADV-2008-2751", trust: 1.7, }, { db: "VUPEN", id: "ADV-2009-0633", trust: 1.7, }, { db: "SECTRACK", id: "1021132", trust: 1.7, }, { db: "SECTRACK", id: "1020968", trust: 1.7, }, { db: "SECTRACK", id: "1021109", trust: 1.7, }, { db: "XF", id: "45601", trust: 1.4, }, { db: "SECUNIA", id: "32133", trust: 1.1, }, { db: "SECUNIA", id: "33787", trust: 0.9, }, { db: "VUPEN", id: "ADV-2009-0312", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2008-001801", trust: 0.8, }, { db: "OVAL", id: "OVAL:ORG.MITRE.OVAL:DEF:5670", trust: 0.6, }, { db: "OPENBSD", id: "[4.2] 015: SECURITY FIX: OCTOBER 2, 2008", trust: 0.6, }, { db: "OPENBSD", id: "[4.3] 006: SECURITY FIX: OCTOBER 2, 2008", trust: 0.6, }, { db: "NETBSD", id: "NETBSD-SA2008-013", trust: 0.6, }, { db: "FREEBSD", id: "FREEBSD-SA-08:10", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200810-024", trust: 0.6, }, { db: "PACKETSTORM", id: "70564", trust: 0.2, }, { db: "PACKETSTORM", id: "128512", trust: 0.2, }, { db: "PACKETSTORM", id: "74584", trust: 0.2, }, { db: "VULHUB", id: "VHN-32601", trust: 0.1, }, { db: "PACKETSTORM", id: "74623", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#472363", }, { db: "VULHUB", id: "VHN-32601", }, { db: "BID", id: "31529", }, { db: "JVNDB", id: "JVNDB-2008-001801", }, { db: "PACKETSTORM", id: "74623", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "70564", }, { db: "PACKETSTORM", id: "74584", }, { db: "CNNVD", id: "CNNVD-200810-024", }, { db: "NVD", id: "CVE-2008-2476", }, ], }, id: "VAR-200810-0004", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-32601", }, ], trust: 0.4760244975, }, last_update_date: "2024-07-23T20:02:15.093000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "HT3467", trust: 0.8, url: "http://support.apple.com/kb/ht3467", }, { title: "HT3467", trust: 0.8, url: "http://support.apple.com/kb/ht3467?viewlocale=ja_jp", }, { title: "20081003", trust: 0.8, url: "http://www.furukawa.co.jp/fitelnet/topic/vulnera_20081003.html", }, { title: "HPSBUX02407", trust: 0.8, url: "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en&cc=us&objectid=c01662367", }, { title: "NV08-011", trust: 0.8, url: "http://www.nec.co.jp/security-info/secinfo/nv08-011.html", }, { title: "10031541", trust: 0.8, url: "http://www.seil.jp/seilseries/security/2008/10031541.php", }, { title: "AX-VU2008-04", trust: 0.8, url: "http://www.alaxala.com/jp/support/security/20081003.html", }, { title: "IPv6ND", trust: 0.8, url: "http://www.hitachi.co.jp/prod/comp/network/notice/ipv6nd.html", }, { title: "VU#472363", trust: 0.8, url: "http://software.fujitsu.com/jp/security/vulnerabilities/vu472363.html", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2008-001801", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-32601", }, { db: "JVNDB", id: "JVNDB-2008-001801", }, { db: "NVD", id: "CVE-2008-2476", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.2, url: "http://www.kb.cert.org/vuls/id/472363", }, { trust: 2.5, url: "http://www.securityfocus.com/bid/31529", }, { trust: 2, url: "http://support.apple.com/kb/ht3467", }, { trust: 1.8, url: "http://security.freebsd.org/advisories/freebsd-sa-08:10.nd6.asc", }, { trust: 1.7, url: "http://www.kb.cert.org/vuls/id/mapg-7h2ry7", }, { trust: 1.7, url: "http://www.kb.cert.org/vuls/id/mapg-7h2s68", }, { trust: 1.7, url: "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-013.txt.asc", }, { trust: 1.7, url: "http://www.openbsd.org/errata42.html#015_ndp", }, { trust: 1.7, url: "http://www.openbsd.org/errata43.html#006_ndp", }, { trust: 1.7, url: "http://securitytracker.com/id?1020968", }, { trust: 1.7, url: "http://www.securitytracker.com/id?1021109", }, { trust: 1.7, url: "http://www.securitytracker.com/id?1021132", }, { trust: 1.7, url: "http://secunia.com/advisories/32112", }, { trust: 1.7, url: "http://secunia.com/advisories/32116", }, { trust: 1.7, url: "http://secunia.com/advisories/32117", }, { trust: 1.7, url: "http://secunia.com/advisories/32406", }, { trust: 1.7, url: "http://www.vupen.com/english/advisories/2009/0633", }, { trust: 1.6, url: "https://www.juniper.net/alerts/viewalert.jsp?actionbtn=search&txtalertnumber=psn-2008-09-036&viewmode=view", }, { trust: 1.4, url: "http://xforce.iss.net/xforce/xfdb/45601", }, { trust: 1.1, url: "http://www.ietf.org/rfc/rfc2461.txt", }, { trust: 1.1, url: "http://www.ietf.org/rfc/rfc3756.txt", }, { trust: 1.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5670", }, { trust: 1.1, url: "http://secunia.com/advisories/32133", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/2750", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/2751", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2008/2752", }, { trust: 1.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2476", }, { trust: 0.9, url: "http://secunia.com/advisories/33787/", }, { trust: 0.8, url: "http://tools.ietf.org/html/rfc4861", }, { trust: 0.8, url: "http://tools.ietf.org/html/rfc4861#section-2.1", }, { trust: 0.8, url: "http://www.ietf.org/rfc/rfc3177.txt", }, { trust: 0.8, url: "http://tools.ietf.org/html/rfc3971", }, { trust: 0.8, url: "http://docs.sun.com/app/docs/doc/817-0573/6mgc65bb6?a=view", }, { trust: 0.8, url: "http://msdn.microsoft.com/en-us/library/ms900123.aspx", }, { trust: 0.8, url: "http://en.wikipedia.org/wiki/forwarding_information_base#fibs_in_ingress_filtering_against_denial_of_service", }, { trust: 0.8, url: "http://en.wikipedia.org/wiki/reverse_path_forwarding", }, { trust: 0.8, url: "http://www.openbsd.org/faq/pf/filter.html#antispoof", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu472363/index.html", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2476", }, { trust: 0.8, url: "http://www.vupen.com/english/advisories/2009/0312", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/2752", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/2751", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2008/2750", }, { trust: 0.6, url: "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5670", }, { trust: 0.4, url: "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662367", }, { trust: 0.3, url: "http://www.midnightbsd.org/", }, { trust: 0.3, url: "http://www.openbsd.org/errata43.html#005_ndp", }, { trust: 0.3, url: "http://www.openbsd.org/errata42.html#014_ndp", }, { trust: 0.3, url: "http://support.avaya.com/elmodocs2/security/asa-2009-059.htm", }, { trust: 0.3, url: "http://www.kb.cert.org/vuls/id/mapg-7h2rzu", }, { trust: 0.3, url: "http://www.openbsd.org/errata44.html#001_ndp", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2008-2476", }, { trust: 0.1, url: "https://www.juniper.net/alerts/viewalert.jsp?actionbtn=search&txtalertnumber=psn-2008-09-036&viewmode=view", }, { trust: 0.1, url: "http://secunia.com/advisories/32112/", }, { trust: 0.1, url: "http://secunia.com/advisories/secunia_security_advisories/", }, { trust: 0.1, url: "http://secunia.com/advisories/business_solutions/", }, { trust: 0.1, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.1, url: "http://secunia.com/advisories/product/138/", }, { trust: 0.1, url: "http://secunia.com/advisories/about_secunia_advisories/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0713", }, { trust: 0.1, url: "http://tp-link.com)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2010-2967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0716", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0711", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-0714", }, { trust: 0.1, url: "http://security.freebsd.org/patches/sa-08:10/nd6-6.patch.asc", }, { trust: 0.1, url: "http://security.freebsd.org/patches/sa-08:10/nd6-6.patch", }, { trust: 0.1, url: "http://security.freebsd.org/>.", }, { trust: 0.1, url: "http://security.freebsd.org/patches/sa-08:10/nd6-7.patch.asc", }, { trust: 0.1, url: "http://www.freebsd.org/handbook/kernelconfig.html>", }, { trust: 0.1, url: "http://security.freebsd.org/patches/sa-08:10/nd6-7.patch", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2008-4404", }, { trust: 0.1, url: "http://www.itrc.hp.com/service/cki/secbullarchive.do", }, { trust: 0.1, url: "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc", }, { trust: 0.1, url: "https://www.hp.com/go/swa", }, { trust: 0.1, url: "http://itrc.hp.com", }, { trust: 0.1, url: "http://h30046.www3.hp.com/subsignin.php", }, ], sources: [ { db: "CERT/CC", id: "VU#472363", }, { db: "VULHUB", id: "VHN-32601", }, { db: "BID", id: "31529", }, { db: "JVNDB", id: "JVNDB-2008-001801", }, { db: "PACKETSTORM", id: "74623", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "70564", }, { db: "PACKETSTORM", id: "74584", }, { db: "CNNVD", id: "CNNVD-200810-024", }, { db: "NVD", id: "CVE-2008-2476", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#472363", }, { db: "VULHUB", id: "VHN-32601", }, { db: "BID", id: "31529", }, { db: "JVNDB", id: "JVNDB-2008-001801", }, { db: "PACKETSTORM", id: "74623", }, { db: "PACKETSTORM", id: "128512", }, { db: "PACKETSTORM", id: "70564", }, { db: "PACKETSTORM", id: "74584", }, { db: "CNNVD", id: "CNNVD-200810-024", }, { db: "NVD", id: "CVE-2008-2476", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2008-10-02T00:00:00", db: "CERT/CC", id: "VU#472363", }, { date: "2008-10-03T00:00:00", db: "VULHUB", id: "VHN-32601", }, { date: "2008-10-02T00:00:00", db: "BID", id: "31529", }, { date: "2008-11-04T00:00:00", db: "JVNDB", id: "JVNDB-2008-001801", }, { date: "2009-02-03T17:55:30", db: "PACKETSTORM", id: "74623", }, { date: "2014-10-01T10:11:11", db: "PACKETSTORM", id: "128512", }, { date: "2008-10-02T21:27:21", db: "PACKETSTORM", id: "70564", }, { date: "2009-02-03T20:58:57", db: "PACKETSTORM", id: "74584", }, { date: "2008-10-03T00:00:00", db: "CNNVD", id: "CNNVD-200810-024", }, { date: "2008-10-03T15:07:10.727000", db: "NVD", id: "CVE-2008-2476", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2009-04-27T00:00:00", db: "CERT/CC", id: "VU#472363", }, { date: "2017-09-29T00:00:00", db: "VULHUB", id: "VHN-32601", }, { date: "2015-03-19T09:41:00", db: "BID", id: "31529", }, { date: "2010-03-03T00:00:00", db: "JVNDB", id: "JVNDB-2008-001801", }, { date: "2009-03-25T00:00:00", db: "CNNVD", id: "CNNVD-200810-024", }, { date: "2017-09-29T01:31:11.053000", db: "NVD", id: "CVE-2008-2476", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-200810-024", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "IPv6 implementations insecurely update Forwarding Information Base", sources: [ { db: "CERT/CC", id: "VU#472363", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation", sources: [ { db: "CNNVD", id: "CNNVD-200810-024", }, ], trust: 0.6, }, }
CVE-2019-12264 (GCVE-0-2019-12264)
Vulnerability from cvelistv5
Published
2019-08-05 17:34
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264 | x_refsource_MISC | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.330Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-15T21:06:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12264", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12264", datePublished: "2019-08-05T17:34:25", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.330Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-38767 (GCVE-0-2022-38767)
Vulnerability from cvelistv5
Published
2022-11-25 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.648Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://windriver.com", }, { tags: [ "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-25T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://windriver.com", }, { url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-38767", datePublished: "2022-11-25T00:00:00", dateReserved: "2022-08-25T00:00:00", dateUpdated: "2024-08-03T11:02:14.648Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-11440 (GCVE-0-2020-11440)
Vulnerability from cvelistv5
Published
2020-07-23 13:59
Modified
2024-08-04 11:28
Severity ?
EPSS score ?
Summary
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.
References
| ▼ | URL | Tags |
|---|---|---|
| https://windriver.com | x_refsource_MISC | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:28:13.887Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://windriver.com", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-23T13:59:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://windriver.com", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-11440", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://windriver.com", refsource: "MISC", url: "https://windriver.com", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-11440", datePublished: "2020-07-23T13:59:12", dateReserved: "2020-03-31T00:00:00", dateUpdated: "2024-08-04T11:28:13.887Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2010-2965 (GCVE-0-2010-2965)
Vulnerability from cvelistv5
Published
2010-08-04 21:00
Modified
2025-01-28 01:29
Severity ?
EPSS score ?
Summary
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/MAPG-86FPQL | x_refsource_CONFIRM | |
| http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735 | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/362332 | third-party-advisory, x_refsource_CERT-VN | |
| https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708 | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/MAPG-86EPFA | x_refsource_CONFIRM | |
| http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2025-01-28T01:29:35.456Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", }, { name: "VU#362332", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/362332", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, { url: "http://seclists.org/fulldisclosure/2025/Jan/10", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-04T21:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", }, { name: "VU#362332", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/362332", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-2965", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", refsource: "CONFIRM", url: "http://www.kb.cert.org/vuls/id/MAPG-86FPQL", }, { name: "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", refsource: "CONFIRM", url: "http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735", }, { name: "VU#362332", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/362332", }, { name: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", refsource: "CONFIRM", url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708", }, { name: "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", refsource: "CONFIRM", url: "http://www.kb.cert.org/vuls/id/MAPG-86EPFA", }, { name: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", refsource: "MISC", url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-2965", datePublished: "2010-08-04T21:00:00.000Z", dateReserved: "2010-08-04T00:00:00.000Z", dateUpdated: "2025-01-28T01:29:35.456Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12258 (GCVE-0-2019-12258)
Vulnerability from cvelistv5
Published
2019-08-09 20:00
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258 | x_refsource_MISC | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:38.957Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-12T12:06:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12258", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12258", datePublished: "2019-08-09T20:00:44", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:38.957Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12262 (GCVE-0-2019-12262)
Vulnerability from cvelistv5
Published
2019-08-14 19:18
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262 | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.465Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-12T12:06:18", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12262", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262", refsource: "CONFIRM", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12262", datePublished: "2019-08-14T19:18:13", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.465Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-29998 (GCVE-0-2021-29998)
Vulnerability from cvelistv5
Published
2021-04-13 16:16
Modified
2024-08-03 22:24
Severity ?
EPSS score ?
Summary
An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf | x_refsource_CONFIRM | |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12 | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:24:59.358Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-12T10:06:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29998", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf", }, { name: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12", refsource: "MISC", url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29998", datePublished: "2021-04-13T16:16:51", dateReserved: "2021-04-02T00:00:00", dateUpdated: "2024-08-03T22:24:59.358Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-20009 (GCVE-0-2016-20009)
Vulnerability from cvelistv5
Published
2021-03-11 21:39
Modified
2024-08-06 03:47
Severity ?
EPSS score ?
Summary
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:47:34.869Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-10T11:06:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, ], tags: [ "unsupported-when-assigned", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-20009", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", refsource: "MISC", url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-20009", datePublished: "2021-03-11T21:39:25", dateReserved: "2021-03-11T00:00:00", dateUpdated: "2024-08-06T03:47:34.869Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-10664 (GCVE-0-2020-10664)
Vulnerability from cvelistv5
Published
2020-04-27 12:21
Modified
2024-08-04 11:06
Severity ?
EPSS score ?
Summary
The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-10664 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:06:10.646Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-10664", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-27T12:21:08", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-10664", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-10664", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-10664", refsource: "CONFIRM", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-10664", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-10664", datePublished: "2020-04-27T12:21:08", dateReserved: "2020-03-18T00:00:00", dateUpdated: "2024-08-04T11:06:10.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2010-2966 (GCVE-0-2010-2966)
Vulnerability from cvelistv5
Published
2010-08-04 21:00
Modified
2024-09-16 22:50
Severity ?
EPSS score ?
Summary
The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/840249 | third-party-advisory, x_refsource_CERT-VN | |
| http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T02:55:45.509Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "VU#840249", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/840249", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-04T21:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "VU#840249", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/840249", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-2966", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "VU#840249", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/840249", }, { name: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", refsource: "MISC", url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-2966", datePublished: "2010-08-04T21:00:00Z", dateReserved: "2010-08-04T00:00:00Z", dateUpdated: "2024-09-16T22:50:46.601Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12259 (GCVE-0-2019-12259)
Vulnerability from cvelistv5
Published
2019-08-09 18:05
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12259 | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.112Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12259", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-12T12:06:19", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12259", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12259", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12259", refsource: "CONFIRM", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12259", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12259", datePublished: "2019-08-09T18:05:16", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.112Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12257 (GCVE-0-2019-12257)
Vulnerability from cvelistv5
Published
2019-08-09 17:49
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12257 | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.610Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12257", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-10T12:06:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12257", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12257", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12257", refsource: "CONFIRM", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12257", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12257", datePublished: "2019-08-09T17:49:48", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.610Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12260 (GCVE-0-2019-12260)
Vulnerability from cvelistv5
Published
2019-08-09 20:18
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.oracle.com/security-alerts/cpuoct2020.html | x_refsource_MISC | |
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260 | x_refsource_MISC | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM | |
| https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.851Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-20T22:53:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12260", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12260", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { name: "https://www.oracle.com//security-alerts/cpujul2021.html", refsource: "MISC", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12260", datePublished: "2019-08-09T20:18:30", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.851Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-10288 (GCVE-0-2020-10288)
Vulnerability from cvelistv5
Published
2020-07-15 22:15
Modified
2024-09-16 19:51
Severity ?
EPSS score ?
Summary
IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/aliasrobotics/RVD/issues/3327 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:58:39.980Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aliasrobotics/RVD/issues/3327", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "IRB140", vendor: "ABB", versions: [ { status: "affected", version: "unspecified", }, ], }, ], credits: [ { lang: "en", value: "Alfonso Glera, Victor Mayoral Vilches (Alias Robotics)", }, ], datePublic: "2020-07-15T00:00:00", descriptions: [ { lang: "en", value: "IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-15T22:15:13", orgId: "dc524f69-879d-41dc-ab8f-724e78658a1a", shortName: "Alias", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aliasrobotics/RVD/issues/3327", }, ], source: { defect: [ "RVD#3327", ], discovery: "EXTERNAL", }, title: "RVD#3327: No authentication required for accesing ABB IRC5 FTP server", x_generator: { engine: "Robot Vulnerability Database (RVD)", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@aliasrobotics.com", DATE_PUBLIC: "2020-07-15T22:11:11 +00:00", ID: "CVE-2020-10288", STATE: "PUBLIC", TITLE: "RVD#3327: No authentication required for accesing ABB IRC5 FTP server", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "IRB140", version: { version_data: [ { version_value: "", }, ], }, }, ], }, vendor_name: "ABB", }, ], }, }, credit: [ { lang: "eng", value: "Alfonso Glera, Victor Mayoral Vilches (Alias Robotics)", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.", }, ], }, generator: { engine: "Robot Vulnerability Database (RVD)", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "critical", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aliasrobotics/RVD/issues/3327", refsource: "CONFIRM", url: "https://github.com/aliasrobotics/RVD/issues/3327", }, ], }, source: { defect: [ "RVD#3327", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dc524f69-879d-41dc-ab8f-724e78658a1a", assignerShortName: "Alias", cveId: "CVE-2020-10288", datePublished: "2020-07-15T22:15:13.640890Z", dateReserved: "2020-03-10T00:00:00", dateUpdated: "2024-09-16T19:51:41.495Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7599 (GCVE-0-2015-7599)
Vulnerability from cvelistv5
Published
2017-02-07 17:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20151029-0001/ | x_refsource_CONFIRM | |
| https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf | x_refsource_MISC | |
| http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/79205 | vdb-entry, x_refsource_BID | |
| https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:28.614Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20151029-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", }, { name: "79205", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/79205", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-09-16T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-15T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20151029-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", }, { name: "79205", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/79205", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-7599", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://security.netapp.com/advisory/ntap-20151029-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20151029-0001/", }, { name: "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf", refsource: "MISC", url: "https://www.syscan360.org/slides/2015_EN_AttackingVxWorksFromstoneagetointerstellar_Eric_Yannick.pdf", }, { name: "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", refsource: "CONFIRM", url: "http://blogs.windriver.com/wind_river_blog/2015/09/wind-river-vxworks-updateclarification.html", }, { name: "79205", refsource: "BID", url: "http://www.securityfocus.com/bid/79205", }, { name: "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US", refsource: "CONFIRM", url: "https://kb.netapp.com/support/s/article/cve-2015-7599-vxworks-vulnerability-impacting-netapp-e-series-products?language=en_US", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-7599", datePublished: "2017-02-07T17:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:28.614Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-28895 (GCVE-0-2020-28895)
Vulnerability from cvelistv5
Published
2021-02-03 15:16
Modified
2024-08-04 16:41
Severity ?
EPSS score ?
Summary
In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327 | x_refsource_MISC | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:41:00.095Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], credits: [ { lang: "en", value: "Reported by Omri Ben Bassat <v-obenbassat@microsoft.com>", }, ], datePublic: "2020-12-14T00:00:00", descriptions: [ { lang: "en", value: "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T23:22:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], source: { discovery: "EXTERNAL", }, title: "integer overflow in calloc", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-28895", STATE: "PUBLIC", TITLE: "integer overflow in calloc", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Reported by Omri Ben Bassat <v-obenbassat@microsoft.com>", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-28895", datePublished: "2021-02-03T15:16:34", dateReserved: "2020-11-17T00:00:00", dateUpdated: "2024-08-04T16:41:00.095Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2010-2968 (GCVE-0-2010-2968)
Vulnerability from cvelistv5
Published
2010-08-04 21:00
Modified
2024-09-17 02:27
Severity ?
EPSS score ?
Summary
The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T02:55:46.289Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-04T21:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-2968", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", refsource: "MISC", url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-2968", datePublished: "2010-08-04T21:00:00Z", dateReserved: "2010-08-04T00:00:00Z", dateUpdated: "2024-09-17T02:27:41.743Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12255 (GCVE-0-2019-12255)
Vulnerability from cvelistv5
Published
2019-08-09 19:18
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html | x_refsource_MISC | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.534Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-12T12:06:20", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12255", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12255", }, { name: "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://support.f5.com/csp/article/K41190253?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253?utm_source=f5support&utm_medium=RSS", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12255", datePublished: "2019-08-09T19:18:03", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.534Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12265 (GCVE-0-2019-12265)
Vulnerability from cvelistv5
Published
2019-08-09 18:14
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265 | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.695Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-12T12:06:19", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12265", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265", refsource: "CONFIRM", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12265", datePublished: "2019-08-09T18:14:23", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.695Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-43268 (GCVE-0-2021-43268)
Vulnerability from cvelistv5
Published
2021-11-24 16:15
Modified
2024-08-04 03:55
Severity ?
EPSS score ?
Summary
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:55:28.365Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-24T16:15:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-43268", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-43268", datePublished: "2021-11-24T16:15:17", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-08-04T03:55:28.365Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-0712 (GCVE-0-2013-0712)
Vulnerability from cvelistv5
Published
2013-03-20 18:00
Modified
2024-09-16 17:27
Severity ?
EPSS score ?
Summary
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvn.jp/en/jp/JVN01611135/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvn.jp/en/jp/JVN01611135/995359/index.html | x_refsource_MISC | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-000019 | third-party-advisory, x_refsource_JVNDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:33:05.573Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "JVN#01611135", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN01611135/index.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN01611135/995359/index.html", }, { name: "JVNDB-2013-000019", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000019", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-03-20T18:00:00Z", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { name: "JVN#01611135", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN01611135/index.html", }, { tags: [ "x_refsource_MISC", ], url: "http://jvn.jp/en/jp/JVN01611135/995359/index.html", }, { name: "JVNDB-2013-000019", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000019", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vultures@jpcert.or.jp", ID: "CVE-2013-0712", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "JVN#01611135", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN01611135/index.html", }, { name: "http://jvn.jp/en/jp/JVN01611135/995359/index.html", refsource: "MISC", url: "http://jvn.jp/en/jp/JVN01611135/995359/index.html", }, { name: "JVNDB-2013-000019", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000019", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2013-0712", datePublished: "2013-03-20T18:00:00Z", dateReserved: "2012-12-28T00:00:00Z", dateUpdated: "2024-09-16T17:27:59.266Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-29997 (GCVE-0-2021-29997)
Vulnerability from cvelistv5
Published
2021-04-13 16:34
Modified
2024-08-03 22:24
Severity ?
EPSS score ?
Summary
An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-29997 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:24:59.073Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-29997", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-30T11:52:43", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-29997", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29997", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-29997", refsource: "CONFIRM", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-29997", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29997", datePublished: "2021-04-13T16:34:02", dateReserved: "2021-04-02T00:00:00", dateUpdated: "2024-08-03T22:24:59.073Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-29999 (GCVE-0-2021-29999)
Vulnerability from cvelistv5
Published
2021-04-13 16:26
Modified
2024-08-03 22:24
Severity ?
EPSS score ?
Summary
An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:24:59.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-13T16:26:55", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, ], source: { discovery: "INTERNAL", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29999", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29999", datePublished: "2021-04-13T16:26:55", dateReserved: "2021-04-02T00:00:00", dateUpdated: "2024-08-03T22:24:59.530Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12261 (GCVE-0-2019-12261)
Vulnerability from cvelistv5
Published
2019-08-09 20:27
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.oracle.com/security-alerts/cpuoct2020.html | x_refsource_MISC | |
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12261 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:38.872Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12261", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-20T21:14:56", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12261", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12261", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12261", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12261", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12261", datePublished: "2019-08-09T20:27:25", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:38.872Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-38346 (GCVE-0-2023-38346)
Vulnerability from cvelistv5
Published
2023-09-22 00:00
Modified
2024-09-25 15:13
Severity ?
EPSS score ?
Summary
An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExtract" function may expect that the function will strip leading slashes from absolute paths or stop processing when encountering relative paths that are outside of the extraction path, unless otherwise forced. This could lead to unexpected and undocumented behavior, which in general could result in a directory traversal, and associated unexpected behavior.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:39:13.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_transferred", ], url: "https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/", }, { tags: [ "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-38346", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:windriver:vxworks:6.9:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vxworks", vendor: "windriver", versions: [ { status: "affected", version: "6.9", }, ], }, { cpes: [ "cpe:2.3:o:windriver:vxworks:7.0:-:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "vxworks", vendor: "windriver", versions: [ { status: "affected", version: "7.0", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-38346", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-25T15:13:15.430339Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-25T15:13:20.054Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the \"tarExtract\" function may expect that the function will strip leading slashes from absolute paths or stop processing when encountering relative paths that are outside of the extraction path, unless otherwise forced. This could lead to unexpected and undocumented behavior, which in general could result in a directory traversal, and associated unexpected behavior.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-22T18:22:19.692072", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://support2.windriver.com/index.php?page=security-notices", }, { url: "https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/", }, { url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-38346", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-38346", datePublished: "2023-09-22T00:00:00", dateReserved: "2023-07-15T00:00:00", dateUpdated: "2024-09-25T15:13:20.054Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-0715 (GCVE-0-2013-0715)
Vulnerability from cvelistv5
Published
2013-03-20 18:00
Modified
2024-08-06 14:33
Severity ?
EPSS score ?
Summary
The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01 | x_refsource_MISC | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-000022 | third-party-advisory, x_refsource_JVNDB | |
| http://jvn.jp/en/jp/JVN65923092/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvn.jp/en/jp/JVN65923092/995359/index.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:33:05.501Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVNDB-2013-000022", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000022", }, { name: "JVN#65923092", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN65923092/index.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN65923092/995359/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-03-18T00:00:00", descriptions: [ { lang: "en", value: "The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-05-21T09:00:00", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVNDB-2013-000022", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000022", }, { name: "JVN#65923092", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN65923092/index.html", }, { tags: [ "x_refsource_MISC", ], url: "http://jvn.jp/en/jp/JVN65923092/995359/index.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vultures@jpcert.or.jp", ID: "CVE-2013-0715", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", refsource: "MISC", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVNDB-2013-000022", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000022", }, { name: "JVN#65923092", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN65923092/index.html", }, { name: "http://jvn.jp/en/jp/JVN65923092/995359/index.html", refsource: "MISC", url: "http://jvn.jp/en/jp/JVN65923092/995359/index.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2013-0715", datePublished: "2013-03-20T18:00:00", dateReserved: "2012-12-28T00:00:00", dateUpdated: "2024-08-06T14:33:05.501Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-0711 (GCVE-0-2013-0711)
Vulnerability from cvelistv5
Published
2013-03-20 18:00
Modified
2024-08-06 14:33
Severity ?
EPSS score ?
Summary
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01 | x_refsource_MISC | |
| http://jvn.jp/en/jp/JVN45545972/995359/index.html | x_refsource_MISC | |
| http://jvn.jp/en/jp/JVN45545972/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-000018 | third-party-advisory, x_refsource_JVNDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:33:05.463Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN45545972/995359/index.html", }, { name: "JVN#45545972", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN45545972/index.html", }, { name: "JVNDB-2013-000018", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000018", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-03-18T00:00:00", descriptions: [ { lang: "en", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-05-21T09:00:00", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { tags: [ "x_refsource_MISC", ], url: "http://jvn.jp/en/jp/JVN45545972/995359/index.html", }, { name: "JVN#45545972", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN45545972/index.html", }, { name: "JVNDB-2013-000018", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000018", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vultures@jpcert.or.jp", ID: "CVE-2013-0711", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", refsource: "MISC", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "http://jvn.jp/en/jp/JVN45545972/995359/index.html", refsource: "MISC", url: "http://jvn.jp/en/jp/JVN45545972/995359/index.html", }, { name: "JVN#45545972", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN45545972/index.html", }, { name: "JVNDB-2013-000018", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000018", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2013-0711", datePublished: "2013-03-20T18:00:00", dateReserved: "2012-12-28T00:00:00", dateUpdated: "2024-08-06T14:33:05.463Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3963 (GCVE-0-2015-3963)
Vulnerability from cvelistv5
Published
2015-08-04 01:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/75302 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032730 | vdb-entry, x_refsource_SECTRACK | |
| http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01 | x_refsource_CONFIRM | |
| https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A | x_refsource_MISC | |
| http://www.securitytracker.com/id/1033181 | vdb-entry, x_refsource_SECTRACK | |
| https://security.netapp.com/advisory/ntap-20160324-0001/ | x_refsource_CONFIRM | |
| https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:04:01.028Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "75302", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75302", }, { name: "1032730", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032730", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A", }, { name: "1033181", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1033181", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20160324-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-18T00:00:00", descriptions: [ { lang: "en", value: "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-09T10:57:01", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { name: "75302", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75302", }, { name: "1032730", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032730", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A", }, { name: "1033181", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1033181", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20160324-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2015-3963", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "75302", refsource: "BID", url: "http://www.securityfocus.com/bid/75302", }, { name: "1032730", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032730", }, { name: "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01", refsource: "CONFIRM", url: "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A", }, { name: "1033181", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1033181", }, { name: "https://security.netapp.com/advisory/ntap-20160324-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20160324-0001/", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2015-3963", datePublished: "2015-08-04T01:00:00", dateReserved: "2015-05-12T00:00:00", dateUpdated: "2024-08-06T06:04:01.028Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2010-2967 (GCVE-0-2010-2967)
Vulnerability from cvelistv5
Published
2010-08-04 21:00
Modified
2024-09-16 16:57
Severity ?
EPSS score ?
Summary
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033709 | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/840249 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.kb.cert.org/vuls/id/MAPG-863QH9 | x_refsource_CONFIRM | |
| http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T02:55:45.939Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033709", }, { name: "VU#840249", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/840249", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/MAPG-863QH9", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2010-08-04T21:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033709", }, { name: "VU#840249", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/840249", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kb.cert.org/vuls/id/MAPG-863QH9", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-2967", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033709", refsource: "CONFIRM", url: "https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033709", }, { name: "VU#840249", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/840249", }, { name: "http://www.kb.cert.org/vuls/id/MAPG-863QH9", refsource: "CONFIRM", url: "http://www.kb.cert.org/vuls/id/MAPG-863QH9", }, { name: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", refsource: "MISC", url: "http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-2967", datePublished: "2010-08-04T21:00:00Z", dateReserved: "2010-08-04T00:00:00Z", dateUpdated: "2024-09-16T16:57:53.586Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12256 (GCVE-0-2019-12256)
Vulnerability from cvelistv5
Published
2019-08-09 17:57
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12256 | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.700Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12256", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-12T12:06:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12256", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12256", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12256", refsource: "CONFIRM", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12256", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12256", datePublished: "2019-08-09T17:57:13", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.700Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2008-2476 (GCVE-0-2008-2476)
Vulnerability from cvelistv5
Published
2008-10-03 15:00
Modified
2024-08-07 09:05
Severity ?
EPSS score ?
Summary
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T09:05:29.861Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "32406", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32406", }, { name: "multiple-vendors-ndp-dos(45601)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT3467", }, { name: "[4.2] 015: SECURITY FIX: October 2, 2008", tags: [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred", ], url: "http://www.openbsd.org/errata42.html#015_ndp", }, { name: "ADV-2008-2751", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2751", }, { name: "1021109", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021109", }, { name: "1020968", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1020968", }, { name: "32133", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32133", }, { name: "VU#472363", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/472363", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7", }, { name: "32116", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32116", }, { name: "1021132", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021132", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view", }, { name: "ADV-2008-2750", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2750", }, { name: "ADV-2008-2752", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2752", }, { name: "31529", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/31529", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/MAPG-7H2S68", }, { name: "FreeBSD-SA-08:10", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc", }, { name: "[4.3] 006: SECURITY FIX: October 2, 2008", tags: [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred", ], url: "http://www.openbsd.org/errata43.html#006_ndp", }, { name: "32112", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32112", }, { name: "NetBSD-SA2008-013", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc", }, { name: "oval:org.mitre.oval:def:5670", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670", }, { name: "32117", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32117", }, { name: "ADV-2009-0633", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0633", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-10-02T00:00:00", descriptions: [ { lang: "en", value: "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-28T12:57:01", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "32406", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32406", }, { name: "multiple-vendors-ndp-dos(45601)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT3467", }, { name: "[4.2] 015: SECURITY FIX: October 2, 2008", tags: [ "vendor-advisory", "x_refsource_OPENBSD", ], url: "http://www.openbsd.org/errata42.html#015_ndp", }, { name: "ADV-2008-2751", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2751", }, { name: "1021109", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021109", }, { name: "1020968", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1020968", }, { name: "32133", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32133", }, { name: "VU#472363", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/472363", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7", }, { name: "32116", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32116", }, { name: "1021132", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021132", }, { tags: [ "x_refsource_MISC", ], url: "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view", }, { name: "ADV-2008-2750", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2750", }, { name: "ADV-2008-2752", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2752", }, { name: "31529", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/31529", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kb.cert.org/vuls/id/MAPG-7H2S68", }, { name: "FreeBSD-SA-08:10", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc", }, { name: "[4.3] 006: SECURITY FIX: October 2, 2008", tags: [ "vendor-advisory", "x_refsource_OPENBSD", ], url: "http://www.openbsd.org/errata43.html#006_ndp", }, { name: "32112", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32112", }, { name: "NetBSD-SA2008-013", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc", }, { name: "oval:org.mitre.oval:def:5670", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670", }, { name: "32117", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32117", }, { name: "ADV-2009-0633", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0633", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cert@cert.org", ID: "CVE-2008-2476", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "32406", refsource: "SECUNIA", url: "http://secunia.com/advisories/32406", }, { name: "multiple-vendors-ndp-dos(45601)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601", }, { name: "http://support.apple.com/kb/HT3467", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT3467", }, { name: "[4.2] 015: SECURITY FIX: October 2, 2008", refsource: "OPENBSD", url: "http://www.openbsd.org/errata42.html#015_ndp", }, { name: "ADV-2008-2751", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2751", }, { name: "1021109", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1021109", }, { name: "1020968", refsource: "SECTRACK", url: "http://securitytracker.com/id?1020968", }, { name: "32133", refsource: "SECUNIA", url: "http://secunia.com/advisories/32133", }, { name: "VU#472363", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/472363", }, { name: "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7", refsource: "CONFIRM", url: "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7", }, { name: "32116", refsource: "SECUNIA", url: "http://secunia.com/advisories/32116", }, { name: "1021132", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1021132", }, { name: "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view", refsource: "MISC", url: "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view", }, { name: "ADV-2008-2750", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2750", }, { name: "ADV-2008-2752", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2752", }, { name: "31529", refsource: "BID", url: "http://www.securityfocus.com/bid/31529", }, { name: "http://www.kb.cert.org/vuls/id/MAPG-7H2S68", refsource: "CONFIRM", url: "http://www.kb.cert.org/vuls/id/MAPG-7H2S68", }, { name: "FreeBSD-SA-08:10", refsource: "FREEBSD", url: "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc", }, { name: "[4.3] 006: SECURITY FIX: October 2, 2008", refsource: "OPENBSD", url: "http://www.openbsd.org/errata43.html#006_ndp", }, { name: "32112", refsource: "SECUNIA", url: "http://secunia.com/advisories/32112", }, { name: "NetBSD-SA2008-013", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc", }, { name: "oval:org.mitre.oval:def:5670", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670", }, { name: "32117", refsource: "SECUNIA", url: "http://secunia.com/advisories/32117", }, { name: "ADV-2009-0633", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0633", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2008-2476", datePublished: "2008-10-03T15:00:00", dateReserved: "2008-05-28T00:00:00", dateUpdated: "2024-08-07T09:05:29.861Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-9865 (GCVE-0-2019-9865)
Vulnerability from cvelistv5
Published
2019-05-29 16:33
Modified
2024-08-04 22:01
Severity ?
EPSS score ?
Summary
When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://www.windriver.com/feeds/wind_river_security_notices.xml | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:01:54.887Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/feeds/wind_river_security_notices.xml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-29T16:33:27", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/feeds/wind_river_security_notices.xml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9865", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://www.windriver.com/feeds/wind_river_security_notices.xml", refsource: "CONFIRM", url: "https://www.windriver.com/feeds/wind_river_security_notices.xml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9865", datePublished: "2019-05-29T16:33:27", dateReserved: "2019-03-19T00:00:00", dateUpdated: "2024-08-04T22:01:54.887Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-0713 (GCVE-0-2013-0713)
Vulnerability from cvelistv5
Published
2013-03-20 18:00
Modified
2024-08-06 14:33
Severity ?
EPSS score ?
Summary
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01 | x_refsource_MISC | |
| http://jvn.jp/en/jp/JVN52492830/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvn.jp/en/jp/JVN52492830/995359/index.html | x_refsource_MISC | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-000020 | third-party-advisory, x_refsource_JVNDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:33:05.660Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVN#52492830", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN52492830/index.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN52492830/995359/index.html", }, { name: "JVNDB-2013-000020", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000020", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-03-18T00:00:00", descriptions: [ { lang: "en", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-05-21T09:00:00", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVN#52492830", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN52492830/index.html", }, { tags: [ "x_refsource_MISC", ], url: "http://jvn.jp/en/jp/JVN52492830/995359/index.html", }, { name: "JVNDB-2013-000020", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000020", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vultures@jpcert.or.jp", ID: "CVE-2013-0713", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", refsource: "MISC", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVN#52492830", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN52492830/index.html", }, { name: "http://jvn.jp/en/jp/JVN52492830/995359/index.html", refsource: "MISC", url: "http://jvn.jp/en/jp/JVN52492830/995359/index.html", }, { name: "JVNDB-2013-000020", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000020", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2013-0713", datePublished: "2013-03-20T18:00:00", dateReserved: "2012-12-28T00:00:00", dateUpdated: "2024-08-06T14:33:05.660Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12263 (GCVE-0-2019-12263)
Vulnerability from cvelistv5
Published
2019-08-09 18:10
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190802-0001/ | x_refsource_CONFIRM | |
| https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ | x_refsource_CONFIRM | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12263 | x_refsource_CONFIRM | |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:17:39.559Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12263", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-12T12:06:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12263", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K41190253", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12263", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20190802-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190802-0001/", }, { name: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", refsource: "CONFIRM", url: "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12263", refsource: "CONFIRM", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12263", }, { name: "https://support.f5.com/csp/article/K41190253", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K41190253", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12263", datePublished: "2019-08-09T18:10:00", dateReserved: "2019-05-21T00:00:00", dateUpdated: "2024-08-04T23:17:39.559Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-23937 (GCVE-0-2022-23937)
Vulnerability from cvelistv5
Published
2022-03-29 01:21
Modified
2024-08-03 03:59
Severity ?
EPSS score ?
Summary
In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://support2.windriver.com/index.php?page=cve&pg=21#list | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:59:23.097Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&pg=21#list", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:N/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-29T01:21:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&pg=21#list", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-23937", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:N/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://support2.windriver.com/index.php?page=cve&pg=21#list", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&pg=21#list", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-23937", datePublished: "2022-03-29T01:21:06", dateReserved: "2022-01-25T00:00:00", dateUpdated: "2024-08-03T03:59:23.097Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-35198 (GCVE-0-2020-35198)
Vulnerability from cvelistv5
Published
2021-05-12 10:55
Modified
2024-08-04 17:02
Severity ?
EPSS score ?
Summary
An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support2.windriver.com/index.php?page=security-notices | x_refsource_MISC | |
| https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:02:06.842Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T23:22:42", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=security-notices", }, { tags: [ "x_refsource_MISC", ], url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35198", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://support2.windriver.com/index.php?page=security-notices", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=security-notices", }, { name: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198", refsource: "MISC", url: "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35198", datePublished: "2021-05-12T10:55:47", dateReserved: "2020-12-12T00:00:00", dateUpdated: "2024-08-04T17:02:06.842Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-0714 (GCVE-0-2013-0714)
Vulnerability from cvelistv5
Published
2013-03-20 18:00
Modified
2024-08-06 14:33
Severity ?
EPSS score ?
Summary
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvn.jp/en/jp/JVN20671901/index.html | third-party-advisory, x_refsource_JVN | |
| http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01 | x_refsource_MISC | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-000021 | third-party-advisory, x_refsource_JVNDB | |
| http://jvn.jp/en/jp/JVN20671901/995359/index.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:33:05.655Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "JVN#20671901", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN20671901/index.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVNDB-2013-000021", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000021", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN20671901/995359/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-03-18T00:00:00", descriptions: [ { lang: "en", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-05-21T09:00:00", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { name: "JVN#20671901", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN20671901/index.html", }, { tags: [ "x_refsource_MISC", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVNDB-2013-000021", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000021", }, { tags: [ "x_refsource_MISC", ], url: "http://jvn.jp/en/jp/JVN20671901/995359/index.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vultures@jpcert.or.jp", ID: "CVE-2013-0714", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "JVN#20671901", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN20671901/index.html", }, { name: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", refsource: "MISC", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "JVNDB-2013-000021", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000021", }, { name: "http://jvn.jp/en/jp/JVN20671901/995359/index.html", refsource: "MISC", url: "http://jvn.jp/en/jp/JVN20671901/995359/index.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2013-0714", datePublished: "2013-03-20T18:00:00", dateReserved: "2012-12-28T00:00:00", dateUpdated: "2024-08-06T14:33:05.655Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-0716 (GCVE-0-2013-0716)
Vulnerability from cvelistv5
Published
2013-03-20 18:00
Modified
2024-08-06 14:33
Severity ?
EPSS score ?
Summary
The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01 | x_refsource_MISC | |
| http://jvn.jp/en/jp/JVN41022517/995359/index.html | x_refsource_MISC | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2013-000023 | third-party-advisory, x_refsource_JVNDB | |
| http://jvn.jp/en/jp/JVN41022517/index.html | third-party-advisory, x_refsource_JVN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:33:05.518Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN41022517/995359/index.html", }, { name: "JVNDB-2013-000023", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000023", }, { name: "JVN#41022517", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN41022517/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-03-18T00:00:00", descriptions: [ { lang: "en", value: "The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-05-21T09:00:00", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { tags: [ "x_refsource_MISC", ], url: "http://jvn.jp/en/jp/JVN41022517/995359/index.html", }, { name: "JVNDB-2013-000023", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000023", }, { name: "JVN#41022517", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN41022517/index.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vultures@jpcert.or.jp", ID: "CVE-2013-0716", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", refsource: "MISC", url: "http://ics-cert.us-cert.gov/advisories/ICSA-13-091-01", }, { name: "http://jvn.jp/en/jp/JVN41022517/995359/index.html", refsource: "MISC", url: "http://jvn.jp/en/jp/JVN41022517/995359/index.html", }, { name: "JVNDB-2013-000023", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000023", }, { name: "JVN#41022517", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN41022517/index.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2013-0716", datePublished: "2013-03-20T18:00:00", dateReserved: "2012-12-28T00:00:00", dateUpdated: "2024-08-06T14:33:05.518Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }