Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2019-AVI-429
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | CloudConnect 712 versions antérieures à V1.1.5 | ||
| Siemens | N/A | SIMATIC TDC CP51M1 versions antérieures à V1.1.7 | ||
| Siemens | N/A | Se référer au bulletins de l'éditeurs pour la liste complète des produits vulnérables, notamment le bulletin de sécurité SSA-187667 concernant les dernières vulnérabilités affectant les Remote Desktop Services de Microsoft (cf. https://www.cert.ssi.gouv.fr/alerte/CERTFR-2019-ALE-012/). | ||
| Siemens | N/A | SINEMA Remote Connect Server versions antérieures à V2.0 SP1 | ||
| Siemens | N/A | SINETPLAN versions V2.0 sans TIA Administrator V1.0 SP1 Upd1 | ||
| Siemens | N/A | SCALANCE SC-600 versions antérieures à V2.0.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CloudConnect 712 versions ant\u00e9rieures \u00e0 V1.1.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC TDC CP51M1 versions ant\u00e9rieures \u00e0 V1.1.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Se r\u00e9f\u00e9rer au bulletins de l\u0027\u00e9diteurs pour la liste compl\u00e8te des produits vuln\u00e9rables, notamment le bulletin de s\u00e9curit\u00e9 SSA-187667 concernant les derni\u00e8res vuln\u00e9rabilit\u00e9s affectant les Remote Desktop Services de Microsoft (cf. https://www.cert.ssi.gouv.fr/alerte/CERTFR-2019-ALE-012/).",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 V2.0 SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINETPLAN versions V2.0 sans TIA Administrator V1.0 SP1 Upd1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC-600 versions ant\u00e9rieures \u00e0 V2.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-1182",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1182"
},
{
"name": "CVE-2019-10937",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10937"
},
{
"name": "CVE-2019-12256",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12256"
},
{
"name": "CVE-2019-13920",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13920"
},
{
"name": "CVE-2019-12264",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12264"
},
{
"name": "CVE-2019-11478",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11478"
},
{
"name": "CVE-2019-1222",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1222"
},
{
"name": "CVE-2019-12258",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12258"
},
{
"name": "CVE-2019-12259",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12259"
},
{
"name": "CVE-2019-12261",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12261"
},
{
"name": "CVE-2019-13922",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13922"
},
{
"name": "CVE-2019-1226",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1226"
},
{
"name": "CVE-2019-13923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13923"
},
{
"name": "CVE-2019-10915",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10915"
},
{
"name": "CVE-2019-12263",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12263"
},
{
"name": "CVE-2019-11479",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11479"
},
{
"name": "CVE-2019-12257",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12257"
},
{
"name": "CVE-2019-1181",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1181"
},
{
"name": "CVE-2019-11477",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11477"
},
{
"name": "CVE-2019-12260",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12260"
},
{
"name": "CVE-2019-12262",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12262"
},
{
"name": "CVE-2019-12255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12255"
},
{
"name": "CVE-2019-13918",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13918"
},
{
"name": "CVE-2019-13919",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13919"
},
{
"name": "CVE-2019-12265",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12265"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-429",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-09-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-250618 du 10 septembre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-250618.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-462066 du 10 septembre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-189842 du 10 septembre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-187667 du 10 septembre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-884497 du 10 septembre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-884497.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-834884 du 10 septembre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-191683 du 10 septembre 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-191683.pdf"
}
]
}
CVE-2019-10915 (GCVE-0-2019-10915)
Vulnerability from cvelistv5 – Published: 2019-07-11 21:17 – Updated: 2024-08-04 22:40
VLAI
EPSS
Summary
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Severity
No CVSS data available.
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
| http://www.securityfocus.com/bid/109124 | vdb-entryx_refsource_BID |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-19-253-02 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens AG | TIA Administrator |
Affected:
All versions < V1.0 SP1 Upd1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
},
{
"name": "109124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109124"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TIA Administrator",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.0 SP1 Upd1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-24T15:35:14.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
},
{
"name": "109124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109124"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-10915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TIA Administrator",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1.0 SP1 Upd1"
}
]
}
}
]
},
"vendor_name": "Siemens AG"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in TIA Administrator (All versions \u003c V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306: Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
},
{
"name": "109124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109124"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-10915",
"datePublished": "2019-07-11T21:17:46.000Z",
"dateReserved": "2019-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:40:15.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10937 (GCVE-0-2019-10937)
Vulnerability from cvelistv5 – Published: 2019-09-13 16:38 – Updated: 2024-08-04 22:40
VLAI
EPSS
Summary
A vulnerability has been identified in SIMATIC TDC CP51M1 (All versions < V1.1.7). An attacker with network access to the device could cause a Denial-of-Service condition by sending a specially crafted UDP packet. The vulnerability affects the UDP communication of the device. The security vulnerability could be exploited without authentication. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Severity
No CVSS data available.
CWE
- CWE-20 - Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
| https://www.us-cert.gov/ics/advisories/icsa-19-253-05 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens AG | SIMATIC TDC CP51M1 |
Affected:
All versions < V1.1.7
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-250618.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC TDC CP51M1",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC TDC CP51M1 (All versions \u003c V1.1.7). An attacker with network access to the device could cause a Denial-of-Service condition by sending a specially crafted UDP packet. The vulnerability affects the UDP communication of the device. The security vulnerability could be exploited without authentication. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-24T19:48:55.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-250618.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-10937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC TDC CP51M1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1.1.7"
}
]
}
}
]
},
"vendor_name": "Siemens AG"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC TDC CP51M1 (All versions \u003c V1.1.7). An attacker with network access to the device could cause a Denial-of-Service condition by sending a specially crafted UDP packet. The vulnerability affects the UDP communication of the device. The security vulnerability could be exploited without authentication. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-250618.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-250618.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-05",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-10937",
"datePublished": "2019-09-13T16:38:32.000Z",
"dateReserved": "2019-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:40:15.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11477 (GCVE-0-2019-11477)
Vulnerability from cvelistv5 – Published: 2019-06-18 23:34 – Updated: 2024-09-17 02:21
VLAI
EPSS
Title
Integer overflow in TCP_SKB_CB(skb)->tcp_gso_segs
Summary
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
Severity
7.5 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
29 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux kernel |
Affected:
4.4 , < 4.4.182
(custom)
Affected: 4.9 , < 4.9.182 (custom) Affected: 4.14 , < 4.14.127 (custom) Affected: 4.19 , < 4.19.52 (custom) Affected: 5.1 , < 5.1.11 (custom) |
Date Public
2019-06-17 00:00
Credits
Jonathan Looney from Netflix
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:40.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#905115",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
},
{
"name": "RHSA-2019:1594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K78234183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel",
"vendor": "Linux",
"versions": [
{
"lessThan": "4.4.182",
"status": "affected",
"version": "4.4",
"versionType": "custom"
},
{
"lessThan": "4.9.182",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.14.127",
"status": "affected",
"version": "4.14",
"versionType": "custom"
},
{
"lessThan": "4.19.52",
"status": "affected",
"version": "4.19",
"versionType": "custom"
},
{
"lessThan": "5.1.11",
"status": "affected",
"version": "5.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jonathan Looney from Netflix"
}
],
"datePublic": "2019-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T21:14:56.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "VU#905115",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
},
{
"name": "RHSA-2019:1594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K78234183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
}
],
"source": {
"advisory": "https://usn.ubuntu.com/4017-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
],
"discovery": "UNKNOWN"
},
"title": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "SACK Panic",
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
"ID": "CVE-2019-11477",
"STATE": "PUBLIC",
"TITLE": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.4",
"version_value": "4.4.182"
},
{
"version_affected": "\u003c",
"version_name": "4.9",
"version_value": "4.9.182"
},
{
"version_affected": "\u003c",
"version_name": "4.14",
"version_value": "4.14.127"
},
{
"version_affected": "\u003c",
"version_name": "4.19",
"version_value": "4.19.52"
},
{
"version_affected": "\u003c",
"version_name": "5.1",
"version_value": "5.1.11"
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jonathan Looney from Netflix"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190 Integer Overflow or Wraparound"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#905115",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
},
{
"name": "RHSA-2019:1594",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
},
{
"name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
"refsource": "MISC",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
"refsource": "MISC",
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
"refsource": "MISC",
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"name": "https://support.f5.com/csp/article/K78234183",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K78234183"
},
{
"name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
}
]
},
"source": {
"advisory": "https://usn.ubuntu.com/4017-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2019-11477",
"datePublished": "2019-06-18T23:34:51.026Z",
"dateReserved": "2019-04-23T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:21:15.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11478 (GCVE-0-2019-11478)
Vulnerability from cvelistv5 – Published: 2019-06-18 23:34 – Updated: 2024-09-16 23:45
VLAI
EPSS
Title
SACK can cause extensive memory use via fragmented resend queue
Summary
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
Severity
5.3 (Medium)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
29 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux kernel |
Affected:
4.4 , < 4.4.182
(custom)
Affected: 4.9 , < 4.9.182 (custom) Affected: 4.14 , < 4.14.127 (custom) Affected: 4.19 , < 4.19.52 (custom) Affected: 5.1 , < 5.1.11 (custom) |
Date Public
2019-06-17 00:00
Credits
Jonathan Looney from Netflix
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:40.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#905115",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "RHSA-2019:1594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "20190722 [SECURITY] [DSA 4484-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jul/30"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K26618426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel",
"vendor": "Linux",
"versions": [
{
"lessThan": "4.4.182",
"status": "affected",
"version": "4.4",
"versionType": "custom"
},
{
"lessThan": "4.9.182",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.14.127",
"status": "affected",
"version": "4.14",
"versionType": "custom"
},
{
"lessThan": "4.19.52",
"status": "affected",
"version": "4.19",
"versionType": "custom"
},
{
"lessThan": "5.1.11",
"status": "affected",
"version": "5.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jonathan Looney from Netflix"
}
],
"datePublic": "2019-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T21:14:56.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "VU#905115",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "RHSA-2019:1594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "20190722 [SECURITY] [DSA 4484-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jul/30"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K26618426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
}
],
"source": {
"advisory": "https://usn.ubuntu.com/4017-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831638"
],
"discovery": "UNKNOWN"
},
"title": "SACK can cause extensive memory use via fragmented resend queue",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
"ID": "CVE-2019-11478",
"STATE": "PUBLIC",
"TITLE": "SACK can cause extensive memory use via fragmented resend queue"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.4",
"version_value": "4.4.182"
},
{
"version_affected": "\u003c",
"version_name": "4.9",
"version_value": "4.9.182"
},
{
"version_affected": "\u003c",
"version_name": "4.14",
"version_value": "4.14.127"
},
{
"version_affected": "\u003c",
"version_name": "4.19",
"version_value": "4.19.52"
},
{
"version_affected": "\u003c",
"version_name": "5.1",
"version_value": "5.1.11"
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jonathan Looney from Netflix"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770 Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#905115",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "RHSA-2019:1594",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "20190722 [SECURITY] [DSA 4484-1] linux security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jul/30"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
"refsource": "MISC",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
"refsource": "MISC",
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
"refsource": "MISC",
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e"
},
{
"name": "https://support.f5.com/csp/article/K26618426",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K26618426"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007"
},
{
"name": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
}
]
},
"source": {
"advisory": "https://usn.ubuntu.com/4017-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831638"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2019-11478",
"datePublished": "2019-06-18T23:34:51.077Z",
"dateReserved": "2019-04-23T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:45:54.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11479 (GCVE-0-2019-11479)
Vulnerability from cvelistv5 – Published: 2019-06-18 23:34 – Updated: 2024-09-16 23:22
VLAI
EPSS
Summary
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.
Severity
5.3 (Medium)
CWE
- CWE-405 - Asymmetric Resource Consumption (Amplification)
Assigner
References
28 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux kernel |
Affected:
4.4 , < 4.4.182
(custom)
Affected: 4.9 , < 4.9.182 (custom) Affected: 4.14 , < 4.14.127 (custom) Affected: 4.19 , < 4.19.52 (custom) Affected: 5.1 , < 5.1.11 (custom) |
Date Public
2019-06-17 00:00
Credits
Jonathan Looney from Netflix
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:40.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "108818",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108818"
},
{
"name": "VU#905115",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "RHSA-2019:1594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "USN-4041-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4041-2/"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "USN-4041-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4041-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K35421172"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K35421172?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel",
"vendor": "Linux",
"versions": [
{
"lessThan": "4.4.182",
"status": "affected",
"version": "4.4",
"versionType": "custom"
},
{
"lessThan": "4.9.182",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"lessThan": "4.14.127",
"status": "affected",
"version": "4.14",
"versionType": "custom"
},
{
"lessThan": "4.19.52",
"status": "affected",
"version": "4.19",
"versionType": "custom"
},
{
"lessThan": "5.1.11",
"status": "affected",
"version": "5.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jonathan Looney from Netflix"
}
],
"datePublic": "2019-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-405",
"description": "CWE-405 Asymmetric Resource Consumption (Amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T21:14:56.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "108818",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108818"
},
{
"name": "VU#905115",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "RHSA-2019:1594",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "USN-4041-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4041-2/"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "USN-4041-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4041-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K35421172"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K35421172?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06"
}
],
"source": {
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1832286"
],
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
"ID": "CVE-2019-11479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.4",
"version_value": "4.4.182"
},
{
"version_affected": "\u003c",
"version_name": "4.9",
"version_value": "4.9.182"
},
{
"version_affected": "\u003c",
"version_name": "4.14",
"version_value": "4.14.127"
},
{
"version_affected": "\u003c",
"version_name": "4.19",
"version_value": "4.19.52"
},
{
"version_affected": "\u003c",
"version_name": "5.1",
"version_value": "5.1.11"
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jonathan Looney from Netflix"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-405 Asymmetric Resource Consumption (Amplification)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "108818",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108818"
},
{
"name": "VU#905115",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "RHSA-2019:1594",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "USN-4041-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4041-2/"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "USN-4041-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4041-1/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
"refsource": "MISC",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
"refsource": "MISC",
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
"refsource": "MISC",
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6"
},
{
"name": "https://support.f5.com/csp/article/K35421172",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K35421172"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008"
},
{
"name": "https://support.f5.com/csp/article/K35421172?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K35421172?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06"
}
]
},
"source": {
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1832286"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2019-11479",
"datePublished": "2019-06-18T23:34:51.124Z",
"dateReserved": "2019-04-23T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:22:00.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1181 (GCVE-0-2019-1181)
Vulnerability from cvelistv5 – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
VLAI
EPSS
Title
Remote Desktop Services Remote Code Execution Vulnerability
Summary
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
Severity
9.8 (Critical)
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
Impacted products
24 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1703 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1803 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:* |
|
| Microsoft | Windows Server, version 1803 (Server Core Installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:* |
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1709 for 32-bit Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1709 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for 32-bit Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for x64-based Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for ARM64-based Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server, version 1903 (Server Core installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:* |
|
| Microsoft | Microsoft Remote Desktop for Android |
Affected:
0 , < publication
(custom)
cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:* |
|
| Microsoft | Microsoft Remote Desktop for IoS |
Affected:
1.0.0 , < publication
(custom)
cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:* |
|
| Microsoft | Microsoft Remote Desktop for Mac |
Affected:
1.0.0 , < publication
(custom)
cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:* |
Date Public
2019-08-13 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T20:09:50.978315Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T20:10:00.970Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1703",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1803",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server, version 1803 (Server Core Installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems"
],
"product": "Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1709",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server, version 1903 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Remote Desktop for Android",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Remote Desktop for IoS",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Remote Desktop for Mac",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:34.876Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
}
],
"title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1181",
"datePublished": "2019-08-14T20:55:04.000Z",
"dateReserved": "2018-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:13:29.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1182 (GCVE-0-2019-1182)
Vulnerability from cvelistv5 – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
VLAI
EPSS
Title
Remote Desktop Services Remote Code Execution Vulnerability
Summary
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
Severity
9.8 (Critical)
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
Impacted products
24 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1703 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1803 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:* |
|
| Microsoft | Windows Server, version 1803 (Server Core Installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:* |
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1709 for 32-bit Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1709 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for 32-bit Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for x64-based Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for ARM64-based Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server, version 1903 (Server Core installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:* |
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:* |
|
| Microsoft | Microsoft Remote Desktop for Android |
Affected:
0 , < publication
(custom)
cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:* |
|
| Microsoft | Microsoft Remote Desktop for IoS |
Affected:
1.0.0 , < publication
(custom)
cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:* |
|
| Microsoft | Microsoft Remote Desktop for Mac |
Affected:
1.0.0 , < publication
(custom)
cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:* |
Date Public
2019-08-13 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-18T20:42:39.694032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T20:42:46.392Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1703",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1803",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server, version 1803 (Server Core Installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems"
],
"product": "Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1709",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server, version 1903 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Remote Desktop for Android",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Remote Desktop for IoS",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Remote Desktop for Mac",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:35.379Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
}
],
"title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1182",
"datePublished": "2019-08-14T20:55:04.000Z",
"dateReserved": "2018-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:13:29.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1222 (GCVE-0-2019-1222)
Vulnerability from cvelistv5 – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
VLAI
EPSS
Title
Remote Desktop Services Remote Code Execution Vulnerability
Summary
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
Severity
9.8 (Critical)
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1803 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:* |
|
| Microsoft | Windows Server, version 1803 (Server Core Installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:* |
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for 32-bit Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for x64-based Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows 10 Version 1903 for ARM64-based Systems |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* |
|
| Microsoft | Windows Server, version 1903 (Server Core installation) |
Affected:
10.0.0 , < publication
(custom)
cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:* |
Date Public
2019-08-13 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1803",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server, version 1803 (Server Core Installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server, version 1903 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:51:10.078Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
}
],
"title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1222",
"datePublished": "2019-08-14T20:55:05.000Z",
"dateReserved": "2018-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-04T18:13:29.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12255 (GCVE-0-2019-12255)
Vulnerability from cvelistv5 – Published: 2019-08-09 19:18 – Updated: 2024-08-04 23:17
VLAI
EPSS
Summary
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://support2.windriver.com/index.php?page=sec… | x_refsource_MISC |
| https://psirt.global.sonicwall.com/vuln-detail/SN… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://security.netapp.com/advisory/ntap-2019080… | x_refsource_CONFIRM |
| https://www.windriver.com/security/announcements/… | x_refsource_CONFIRM |
| https://support2.windriver.com/index.php?page=cve… | x_refsource_MISC |
| http://packetstormsecurity.com/files/154022/VxWor… | x_refsource_MISC |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://support.f5.com/csp/article/K41190253?utm_… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:17:39.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12255"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K41190253"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K41190253?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-12T12:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12255"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K41190253"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K41190253?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support2.windriver.com/index.php?page=security-notices",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190802-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"name": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/",
"refsource": "CONFIRM",
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
},
{
"name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12255",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12255"
},
{
"name": "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154022/VxWorks-6.8-Integer-Underflow.html"
},
{
"name": "https://support.f5.com/csp/article/K41190253",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K41190253"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"name": "https://support.f5.com/csp/article/K41190253?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K41190253?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12255",
"datePublished": "2019-08-09T19:18:03.000Z",
"dateReserved": "2019-05-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:17:39.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12256 (GCVE-0-2019-12256)
Vulnerability from cvelistv5 – Published: 2019-08-09 17:57 – Updated: 2024-08-04 23:17
VLAI
EPSS
Summary
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://support2.windriver.com/index.php?page=sec… | x_refsource_MISC |
| https://psirt.global.sonicwall.com/vuln-detail/SN… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://security.netapp.com/advisory/ntap-2019080… | x_refsource_CONFIRM |
| https://www.windriver.com/security/announcements/… | x_refsource_CONFIRM |
| https://support2.windriver.com/index.php?page=cve… | x_refsource_CONFIRM |
| https://support.f5.com/csp/article/K41190253 | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:17:39.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K41190253"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets\u2019 IP options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-12T12:06:16.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K41190253"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets\u2019 IP options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support2.windriver.com/index.php?page=security-notices",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190802-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"name": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/",
"refsource": "CONFIRM",
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
},
{
"name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12256",
"refsource": "CONFIRM",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12256"
},
{
"name": "https://support.f5.com/csp/article/K41190253",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K41190253"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12256",
"datePublished": "2019-08-09T17:57:13.000Z",
"dateReserved": "2019-05-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:17:39.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…