VAR-201910-0309
Vulnerability from variot - Updated: 2023-12-18 12:56A missing check on incoming client requests can be exploited to cause a situation where the Kea server's lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea code, a server trying to restart will conclude that there is a problem with its lease store and give up. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2. ISC (Internet Systems Consortium) Provided by Kea DHCP The server has a service disruption (DoS) Vulnerabilities exist. Kea DHCP The server contains several vulnerabilities: * DHCPv6 Malformed format when operating on server DUID With packets containing Kea DHCPv6 server process (kea-dhcp6) Ends - CVE-2019-6472 * DHCPv4 While operating on the server hostname Depending on options assertion failure Occurs, Kea DHCPv4 server process (kea-dhcp4) Ends - CVE-2019-6473 * As a storage location for lease information memfile Is specified, if invalid lease information is stored in the storage more than a certain number Kea Server cannot be restarted - CVE-2019-6474Service disruption by a third party who can access the network to which the product is connected (DoS) An attack may be carried out. ISC Kea DHCP is an open source DHCP (Dynamic Host Configuration Protocol) server from the American ISC Corporation.
An input validation error vulnerability exists in ISC Kea DHCP versions 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2. The vulnerability stems from a network system or product that did not properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201910-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kea",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "1.4.0"
},
{
"model": "kea",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "1.6.0"
},
{
"model": "kea",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "1.5.0"
},
{
"model": "kea",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "1.4.0 to 1.5.0"
},
{
"model": "kea",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "1.6.0-beta1"
},
{
"model": "kea",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "1.6.0-beta2"
},
{
"model": "kea dhcp",
"scope": "gte",
"trust": 0.6,
"vendor": "isc",
"version": "1.4.0,\u003c=1.5.0"
},
{
"model": "kea dhcp 1.6.0-beta1",
"scope": null,
"trust": 0.6,
"vendor": "isc",
"version": null
},
{
"model": "kea dhcp 1.6.0-beta2",
"scope": null,
"trust": 0.6,
"vendor": "isc",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008546"
},
{
"db": "NVD",
"id": "CVE-2019-6474"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:kea:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.0",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:kea:1.6.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:kea:1.6.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6474"
}
]
},
"cve": "CVE-2019-6474",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2020-03750",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "security-officer@isc.org",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-6474",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "security-officer@isc.org",
"id": "CVE-2019-6474",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-03750",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-378",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"db": "NVD",
"id": "CVE-2019-6474"
},
{
"db": "NVD",
"id": "CVE-2019-6474"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A missing check on incoming client requests can be exploited to cause a situation where the Kea server\u0027s lease storage contains leases which are rejected as invalid when the server tries to load leases from storage on restart. If the number of such leases exceeds a hard-coded limit in the Kea code, a server trying to restart will conclude that there is a problem with its lease store and give up. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2. ISC (Internet Systems Consortium) Provided by Kea DHCP The server has a service disruption (DoS) Vulnerabilities exist. Kea DHCP The server contains several vulnerabilities: * DHCPv6 Malformed format when operating on server DUID With packets containing Kea DHCPv6 server process (kea-dhcp6) Ends - CVE-2019-6472 * DHCPv4 While operating on the server hostname Depending on options assertion failure Occurs, Kea DHCPv4 server process (kea-dhcp4) Ends - CVE-2019-6473 * As a storage location for lease information memfile Is specified, if invalid lease information is stored in the storage more than a certain number Kea Server cannot be restarted - CVE-2019-6474Service disruption by a third party who can access the network to which the product is connected (DoS) An attack may be carried out. ISC Kea DHCP is an open source DHCP (Dynamic Host Configuration Protocol) server from the American ISC Corporation. \n\r\n\r\nAn input validation error vulnerability exists in ISC Kea DHCP versions 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2. The vulnerability stems from a network system or product that did not properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6474"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008546"
},
{
"db": "CNVD",
"id": "CNVD-2020-03750"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6474",
"trust": 3.0
},
{
"db": "JVN",
"id": "JVNVU93863470",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008546",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03750",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201909-378",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008546"
},
{
"db": "NVD",
"id": "CVE-2019-6474"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
]
},
"id": "VAR-201910-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
}
]
},
"last_update_date": "2023-12-18T12:56:22.189000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2019-6472: A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate",
"trust": 0.8,
"url": "https://kb.isc.org/docs/cve-2019-6472"
},
{
"title": "CVE-2019-6473: An invalid hostname option can cause the kea-dhcp4 server to terminate",
"trust": 0.8,
"url": "https://kb.isc.org/docs/cve-2019-6473"
},
{
"title": "CVE-2019-6474: An oversight when validating incoming client requests can lead to a situation where the Kea server will exit when trying to restart",
"trust": 0.8,
"url": "https://kb.isc.org/docs/cve-2019-6474"
},
{
"title": "Patch for ISC Kea DHCP Input Validation Error Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/199061"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008546"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-772",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6474"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.isc.org/docs/cve-2019-6474"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6474"
},
{
"trust": 1.2,
"url": "https://vigilance.fr/vulnerability/kea-dhcp-three-vulnerabilities-30273"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6474"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6472"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6473"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93863470"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6472"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6473"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008546"
},
{
"db": "NVD",
"id": "CVE-2019-6474"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008546"
},
{
"db": "NVD",
"id": "CVE-2019-6474"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"date": "2019-09-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008546"
},
{
"date": "2019-10-16T18:15:37.217000",
"db": "NVD",
"id": "CVE-2019-6474"
},
{
"date": "2019-09-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"date": "2019-12-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008546"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-6474"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC Kea DHCP Input Validation Error Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03750"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-378"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…