Common Weakness Enumeration

CWE-665

Discouraged

Improper Initialization

Abstraction: Class · Status: Draft

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

425 vulnerabilities reference this CWE, most recent first.

CVE-2020-4067 (GCVE-0-2020-4067)

Vulnerability from cvelistv5 – Published: 2020-06-29 19:55 – Updated: 2024-08-04 07:52
VLAI
Title
Improper Initialization in coturn
Summary
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3.
CWE
  • CWE-665 - Improper Initialization
Assigner
References
Impacted products
Vendor Product Version
coturn coturn Affected: >= 5.1.1, < 6.0.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:52:20.848Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/coturn/coturn/issues/583"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/ChangeLog#L15"
          },
          {
            "name": "DSA-4711",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4711"
          },
          {
            "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2271-1] coturn security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00002.html"
          },
          {
            "name": "openSUSE-SU-2020:0937",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.html"
          },
          {
            "name": "USN-4415-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4415-1/"
          },
          {
            "name": "FEDORA-2020-9eadf517de",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNJJO77ZLGGFJWNUGP6VDG5HPAC5UDBK/"
          },
          {
            "name": "FEDORA-2020-d946f64eea",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5G35UBNSRLL6SYRTODYTMBJ65TLQILUM/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "coturn",
          "vendor": "coturn",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 5.1.1, \u003c 6.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665: Improper Initialization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-09T02:06:26.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/coturn/coturn/issues/583"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/ChangeLog#L15"
        },
        {
          "name": "DSA-4711",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4711"
        },
        {
          "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2271-1] coturn security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00002.html"
        },
        {
          "name": "openSUSE-SU-2020:0937",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.html"
        },
        {
          "name": "USN-4415-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4415-1/"
        },
        {
          "name": "FEDORA-2020-9eadf517de",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNJJO77ZLGGFJWNUGP6VDG5HPAC5UDBK/"
        },
        {
          "name": "FEDORA-2020-d946f64eea",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5G35UBNSRLL6SYRTODYTMBJ65TLQILUM/"
        }
      ],
      "source": {
        "advisory": "GHSA-c8r8-8vp5-6gcm",
        "discovery": "UNKNOWN"
      },
      "title": "Improper Initialization in coturn",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-4067",
          "STATE": "PUBLIC",
          "TITLE": "Improper Initialization in coturn"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "coturn",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 5.1.1, \u003c 6.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "coturn"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665: Improper Initialization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm",
              "refsource": "CONFIRM",
              "url": "https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm"
            },
            {
              "name": "https://github.com/coturn/coturn/issues/583",
              "refsource": "MISC",
              "url": "https://github.com/coturn/coturn/issues/583"
            },
            {
              "name": "https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/ChangeLog#L15",
              "refsource": "MISC",
              "url": "https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/ChangeLog#L15"
            },
            {
              "name": "DSA-4711",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4711"
            },
            {
              "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2271-1] coturn security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00002.html"
            },
            {
              "name": "openSUSE-SU-2020:0937",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.html"
            },
            {
              "name": "USN-4415-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4415-1/"
            },
            {
              "name": "FEDORA-2020-9eadf517de",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNJJO77ZLGGFJWNUGP6VDG5HPAC5UDBK/"
            },
            {
              "name": "FEDORA-2020-d946f64eea",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5G35UBNSRLL6SYRTODYTMBJ65TLQILUM/"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-c8r8-8vp5-6gcm",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-4067",
    "datePublished": "2020-06-29T19:55:13.000Z",
    "dateReserved": "2019-12-30T00:00:00.000Z",
    "dateUpdated": "2024-08-04T07:52:20.848Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-1617 (GCVE-0-2020-1617)

Vulnerability from cvelistv5 – Published: 2020-04-08 19:25 – Updated: 2024-09-16 18:03
VLAI
Title
Junos OS: PTX1000 and PTX10000 Series, QFX10000 Series using non-AFT architectures: A specific genuine packet inspected by sFlow will cause a reboot.
Summary
This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface (AFI) / Advanced Forwarding Toolkit (AFT). Devices using AFI and AFT are not exploitable to this issue. An improper initialization of memory in the packet forwarding architecture in Juniper Networks Junos OS non-AFI/AFT platforms which may lead to a Denial of Service (DoS) vulnerability being exploited when a genuine packet is received and inspected by non-AFT/AFI sFlow and when the device is also configured with firewall policers. This first genuine packet received and inspected by sampled flow (sFlow) through a specific firewall policer will cause the device to reboot. After the reboot has completed, if the device receives and sFlow inspects another genuine packet seen through a specific firewall policer, the device will generate a core file and reboot. Continued inspection of these genuine packets will create an extended Denial of Service (DoS) condition. Depending on the method for service restoration, e.g. hard boot or soft reboot, a core file may or may not be generated the next time the packet is received and inspected by sFlow. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S9, 17.4R3 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.1 versions prior to 18.1R3-S9 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D30 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.2 versions prior to 18.2R3 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.3 versions prior to 18.3R3 on PTX1000 and PTX10000 Series, QFX10000 Series. This issue is not applicable to Junos OS versions before 17.4R1. This issue is not applicable to Junos OS Evolved or Junos OS with Advanced Forwarding Toolkit (AFT) forwarding implementations which use a different implementation of sFlow. The following example information is unrelated to this issue and is provided solely to assist you with determining if you have AFT or not. Example: A Junos OS device which supports the use of EVPN signaled VPWS with Flexible Cross Connect uses the AFT implementation. Since this configuration requires support and use of the AFT implementation to support this configuration, the device is not vulnerable to this issue as the sFlow implementation is different using the AFT architecture. For further details about AFT visit the AFI / AFT are in the links below. If you are uncertain if you use the AFI/AFT implementation or not, there are configuration examples in the links below which you may use to determine if you are vulnerable to this issue or not. If the commands work, you are. If not, you are not. You may also use the Feature Explorer to determine if AFI/AFT is supported or not. If you are still uncertain, please contact your support resources.
CWE
  • Denial of Service (DoS)
  • CWE-665 - Improper Initialization
Assigner
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 17.4 , < 17.4R2-S9, 17.4R3 (custom)
Affected: 18.1 , ≤ 18.1R3-S9 (custom)
Affected: 18.2X75 , < 18.2X75-D12, 18.2X75-D30 (custom)
Affected: 18.2 , < 18.2R3 (custom)
Affected: 18.3 , < 18.3R3 (custom)
Create a notification for this product.
Date Public
2020-04-08 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:46:29.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA11000"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Juniper/AFI"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.juniper.net/documentation/en_US/junos/topics/example/example-configuring-vpws-service-with-evpn-signaling-mechanisms.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "PTX1000 and PTX10000 Series, QFX10000 Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "17.4R2-S9, 17.4R3",
              "status": "affected",
              "version": "17.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "18.1R3-S9",
              "status": "affected",
              "version": "18.1",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2X75-D12, 18.2X75-D30",
              "status": "affected",
              "version": "18.2X75",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2R3",
              "status": "affected",
              "version": "18.2",
              "versionType": "custom"
            },
            {
              "lessThan": "18.3R3",
              "status": "affected",
              "version": "18.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The corrupted memory initialization is restricted to the sFlow process.\nThe firewall policer provides the method for the exploitation to take place.\nDisabling either resolves the exploitation of this issue, but does not fix the underlying vulnerability.\n\nThe following minimal configuration is required for the issue to be seen: \n  firewall policer\nand\n  sflow"
        }
      ],
      "datePublic": "2020-04-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface (AFI) / Advanced Forwarding Toolkit (AFT). Devices using AFI and AFT are not exploitable to this issue. An improper initialization of memory in the packet forwarding architecture in Juniper Networks Junos OS non-AFI/AFT platforms which may lead to a Denial of Service (DoS) vulnerability being exploited when a genuine packet is received and inspected by non-AFT/AFI sFlow and when the device is also configured with firewall policers. This first genuine packet received and inspected by sampled flow (sFlow) through a specific firewall policer will cause the device to reboot. After the reboot has completed, if the device receives and sFlow inspects another genuine packet seen through a specific firewall policer, the device will generate a core file and reboot. Continued inspection of these genuine packets will create an extended Denial of Service (DoS) condition. Depending on the method for service restoration, e.g. hard boot or soft reboot, a core file may or may not be generated the next time the packet is received and inspected by sFlow. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S9, 17.4R3 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.1 versions prior to 18.1R3-S9 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D30 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.2 versions prior to 18.2R3 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.3 versions prior to 18.3R3 on PTX1000 and PTX10000 Series, QFX10000 Series. This issue is not applicable to Junos OS versions before 17.4R1. This issue is not applicable to Junos OS Evolved or Junos OS with Advanced Forwarding Toolkit (AFT) forwarding implementations which use a different implementation of sFlow. The following example information is unrelated to this issue and is provided solely to assist you with determining if you have AFT or not. Example: A Junos OS device which supports the use of EVPN signaled VPWS with Flexible Cross Connect uses the AFT implementation. Since this configuration requires support and use of the AFT implementation to support this configuration, the device is not vulnerable to this issue as the sFlow implementation is different using the AFT architecture. For further details about AFT visit the AFI / AFT are in the links below. If you are uncertain if you use the AFI/AFT implementation or not, there are configuration examples in the links below which you may use to determine if you are vulnerable to this issue or not. If the commands work, you are. If not, you are not. You may also use the Feature Explorer to determine if AFI/AFT is supported or not. If you are still uncertain, please contact your support resources."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665 Improper Initialization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-08T19:25:54.000Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.juniper.net/JSA11000"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Juniper/AFI"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.juniper.net/documentation/en_US/junos/topics/example/example-configuring-vpws-service-with-evpn-signaling-mechanisms.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 17.4R2-S9, 17.4R3;18.2X75-D12, 18.2X75-D30, 18.1R3-S9, 18.2R3, 18.3R3, 18.4R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA11000",
        "defect": [
          "1372944"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: PTX1000 and PTX10000 Series, QFX10000 Series using non-AFT architectures: A specific genuine packet inspected by sFlow will cause a reboot.",
      "workarounds": [
        {
          "lang": "en",
          "value": "Discontinue use of firewall policers.\nOr\nDiscontinue use of sFlow.\nOr\nBoth of the above.  It is not required to discontinue both to mitigate the issue.\n\nThere are no other available workarounds."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2020-04-08T15:00:00.000Z",
          "ID": "CVE-2020-1617",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: PTX1000 and PTX10000 Series, QFX10000 Series using non-AFT architectures: A specific genuine packet inspected by sFlow will cause a reboot."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "PTX1000 and PTX10000 Series, QFX10000 Series",
                            "version_affected": "\u003c",
                            "version_name": "17.4",
                            "version_value": "17.4R2-S9, 17.4R3"
                          },
                          {
                            "platform": "PTX1000 and PTX10000 Series, QFX10000 Series",
                            "version_affected": "\u003c=",
                            "version_name": "18.1",
                            "version_value": "18.1R3-S9"
                          },
                          {
                            "platform": "PTX1000 and PTX10000 Series, QFX10000 Series",
                            "version_affected": "\u003c",
                            "version_name": "18.2X75",
                            "version_value": "18.2X75-D12, 18.2X75-D30"
                          },
                          {
                            "platform": "PTX1000 and PTX10000 Series, QFX10000 Series",
                            "version_affected": "\u003c",
                            "version_name": "18.2",
                            "version_value": "18.2R3"
                          },
                          {
                            "platform": "PTX1000 and PTX10000 Series, QFX10000 Series",
                            "version_affected": "\u003c",
                            "version_name": "18.3",
                            "version_value": "18.3R3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "The corrupted memory initialization is restricted to the sFlow process.\nThe firewall policer provides the method for the exploitation to take place.\nDisabling either resolves the exploitation of this issue, but does not fix the underlying vulnerability.\n\nThe following minimal configuration is required for the issue to be seen: \n  firewall policer\nand\n  sflow"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface (AFI) / Advanced Forwarding Toolkit (AFT). Devices using AFI and AFT are not exploitable to this issue. An improper initialization of memory in the packet forwarding architecture in Juniper Networks Junos OS non-AFI/AFT platforms which may lead to a Denial of Service (DoS) vulnerability being exploited when a genuine packet is received and inspected by non-AFT/AFI sFlow and when the device is also configured with firewall policers. This first genuine packet received and inspected by sampled flow (sFlow) through a specific firewall policer will cause the device to reboot. After the reboot has completed, if the device receives and sFlow inspects another genuine packet seen through a specific firewall policer, the device will generate a core file and reboot. Continued inspection of these genuine packets will create an extended Denial of Service (DoS) condition. Depending on the method for service restoration, e.g. hard boot or soft reboot, a core file may or may not be generated the next time the packet is received and inspected by sFlow. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S9, 17.4R3 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.1 versions prior to 18.1R3-S9 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D30 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.2 versions prior to 18.2R3 on PTX1000 and PTX10000 Series, QFX10000 Series; 18.3 versions prior to 18.3R3 on PTX1000 and PTX10000 Series, QFX10000 Series. This issue is not applicable to Junos OS versions before 17.4R1. This issue is not applicable to Junos OS Evolved or Junos OS with Advanced Forwarding Toolkit (AFT) forwarding implementations which use a different implementation of sFlow. The following example information is unrelated to this issue and is provided solely to assist you with determining if you have AFT or not. Example: A Junos OS device which supports the use of EVPN signaled VPWS with Flexible Cross Connect uses the AFT implementation. Since this configuration requires support and use of the AFT implementation to support this configuration, the device is not vulnerable to this issue as the sFlow implementation is different using the AFT architecture. For further details about AFT visit the AFI / AFT are in the links below. If you are uncertain if you use the AFI/AFT implementation or not, there are configuration examples in the links below which you may use to determine if you are vulnerable to this issue or not. If the commands work, you are. If not, you are not. You may also use the Feature Explorer to determine if AFI/AFT is supported or not. If you are still uncertain, please contact your support resources."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service (DoS)"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665 Improper Initialization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11000",
              "refsource": "MISC",
              "url": "https://kb.juniper.net/JSA11000"
            },
            {
              "name": "https://github.com/Juniper/AFI",
              "refsource": "MISC",
              "url": "https://github.com/Juniper/AFI"
            },
            {
              "name": "https://www.juniper.net/documentation/en_US/junos/topics/example/example-configuring-vpws-service-with-evpn-signaling-mechanisms.html",
              "refsource": "MISC",
              "url": "https://www.juniper.net/documentation/en_US/junos/topics/example/example-configuring-vpws-service-with-evpn-signaling-mechanisms.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 17.4R2-S9, 17.4R3;18.2X75-D12, 18.2X75-D30, 18.1R3-S9, 18.2R3, 18.3R3, 18.4R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA11000",
          "defect": [
            "1372944"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Discontinue use of firewall policers.\nOr\nDiscontinue use of sFlow.\nOr\nBoth of the above.  It is not required to discontinue both to mitigate the issue.\n\nThere are no other available workarounds."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2020-1617",
    "datePublished": "2020-04-08T19:25:54.368Z",
    "dateReserved": "2019-11-04T00:00:00.000Z",
    "dateUpdated": "2024-09-16T18:03:44.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15681 (GCVE-0-2019-15681)

Vulnerability from cvelistv5 – Published: 2019-10-29 16:04 – Updated: 2024-08-05 00:56
VLAI
Summary
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.
Severity
No CVSS data available.
CWE
  • CWE-665 - Improper Initialization
Assigner
References
URL Tags
https://github.com/LibVNC/libvncserver/commit/d01… x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://usn.ubuntu.com/4407-1/ vendor-advisoryx_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://usn.ubuntu.com/4547-1/ vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/4573-1/ vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/4587-1/ vendor-advisoryx_refsource_UBUNTU
https://cert-portal.siemens.com/productcert/pdf/s… x_refsource_CONFIRM
Impacted products
Vendor Product Version
Kaspersky LibVNC Affected: 0.9.12
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:56:22.452Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a"
          },
          {
            "name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1977-1] libvncserver security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00039.html"
          },
          {
            "name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"
          },
          {
            "name": "[debian-lts-announce] 20191129 [SECURITY] [DLA 2014-1] vino security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html"
          },
          {
            "name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"
          },
          {
            "name": "openSUSE-SU-2020:0624",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html"
          },
          {
            "name": "USN-4407-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4407-1/"
          },
          {
            "name": "openSUSE-SU-2020:1071",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00073.html"
          },
          {
            "name": "USN-4547-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4547-1/"
          },
          {
            "name": "USN-4573-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4573-1/"
          },
          {
            "name": "USN-4587-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4587-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "LibVNC",
          "vendor": "Kaspersky",
          "versions": [
            {
              "status": "affected",
              "version": "0.9.12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665: Improper Initialization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-14T13:06:50.000Z",
        "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "shortName": "Kaspersky"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a"
        },
        {
          "name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1977-1] libvncserver security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00039.html"
        },
        {
          "name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"
        },
        {
          "name": "[debian-lts-announce] 20191129 [SECURITY] [DLA 2014-1] vino security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html"
        },
        {
          "name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"
        },
        {
          "name": "openSUSE-SU-2020:0624",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html"
        },
        {
          "name": "USN-4407-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4407-1/"
        },
        {
          "name": "openSUSE-SU-2020:1071",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00073.html"
        },
        {
          "name": "USN-4547-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4547-1/"
        },
        {
          "name": "USN-4573-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4573-1/"
        },
        {
          "name": "USN-4587-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4587-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnerability@kaspersky.com",
          "ID": "CVE-2019-15681",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "LibVNC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.9.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Kaspersky"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665: Improper Initialization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a",
              "refsource": "MISC",
              "url": "https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a"
            },
            {
              "name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1977-1] libvncserver security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00039.html"
            },
            {
              "name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"
            },
            {
              "name": "[debian-lts-announce] 20191129 [SECURITY] [DLA 2014-1] vino security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html"
            },
            {
              "name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"
            },
            {
              "name": "openSUSE-SU-2020:0624",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html"
            },
            {
              "name": "USN-4407-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4407-1/"
            },
            {
              "name": "openSUSE-SU-2020:1071",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00073.html"
            },
            {
              "name": "USN-4547-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4547-1/"
            },
            {
              "name": "USN-4573-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4573-1/"
            },
            {
              "name": "USN-4587-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4587-1/"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
    "assignerShortName": "Kaspersky",
    "cveId": "CVE-2019-15681",
    "datePublished": "2019-10-29T16:04:51.000Z",
    "dateReserved": "2019-08-27T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:56:22.452Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-10196 (GCVE-0-2019-10196)

Vulnerability from cvelistv5 – Published: 2021-03-19 19:22 – Updated: 2024-08-04 22:17
VLAI
Summary
A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an uninitialized memory leak in setups where an attacker could submit typed input to the auth parameter.
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
n/a nodejs-http-proxy-agent Affected: prior to nodejs-http-proxy-agent 2.1.0
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:17:18.934Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567245"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.npmjs.com/advisories/607"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "nodejs-http-proxy-agent",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to nodejs-http-proxy-agent 2.1.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an uninitialized memory leak in setups where an attacker could submit typed input to the auth parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-19T19:22:17.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567245"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.npmjs.com/advisories/607"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-10196",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "nodejs-http-proxy-agent",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to nodejs-http-proxy-agent 2.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an uninitialized memory leak in setups where an attacker could submit typed input to the auth parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1567245",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567245"
            },
            {
              "name": "https://www.npmjs.com/advisories/607",
              "refsource": "MISC",
              "url": "https://www.npmjs.com/advisories/607"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-10196",
    "datePublished": "2021-03-19T19:22:17.000Z",
    "dateReserved": "2019-03-27T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:17:18.934Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-8277 (GCVE-0-2019-8277)

Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-08-04 21:17
VLAI
Summary
UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.
Severity
No CVSS data available.
CWE
  • CWE-665 - multiple memory leaks (CWE-665)
Assigner
Impacted products
Vendor Product Version
Kaspersky Lab UltraVNC Affected: revision 1211
Create a notification for this product.
Date Public
2019-03-01 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T21:17:30.165Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UltraVNC",
          "vendor": "Kaspersky Lab",
          "versions": [
            {
              "status": "affected",
              "version": "revision 1211"
            }
          ]
        }
      ],
      "datePublic": "2019-03-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "multiple memory leaks (CWE-665)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-28T12:26:17.000Z",
        "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "shortName": "Kaspersky"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnerability@kaspersky.com",
          "ID": "CVE-2019-8277",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "UltraVNC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "revision 1211"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Kaspersky Lab"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "multiple memory leaks (CWE-665)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/",
              "refsource": "CONFIRM",
              "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
    "assignerShortName": "Kaspersky",
    "cveId": "CVE-2019-8277",
    "datePublished": "2019-03-09T00:00:00.000Z",
    "dateReserved": "2019-02-12T00:00:00.000Z",
    "dateUpdated": "2024-08-04T21:17:30.165Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-8259 (GCVE-0-2019-8259)

Vulnerability from cvelistv5 – Published: 2019-03-05 15:00 – Updated: 2024-09-16 20:59
VLAI
Summary
UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1199.
Severity
No CVSS data available.
CWE
  • CWE-665 - Improper Initialization
Assigner
Impacted products
Vendor Product Version
UltraVNC UltraVNC Affected: 1.2.2.3
Create a notification for this product.
Date Public
2019-03-01 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T21:17:30.187Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-005-ultravnc-memory-leak/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UltraVNC",
          "vendor": "UltraVNC",
          "versions": [
            {
              "status": "affected",
              "version": "1.2.2.3"
            }
          ]
        }
      ],
      "datePublic": "2019-03-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1199."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665: Improper Initialization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-28T12:10:55.000Z",
        "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "shortName": "Kaspersky"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-005-ultravnc-memory-leak/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnerability@kaspersky.com",
          "DATE_PUBLIC": "2019-03-01T00:00:00",
          "ID": "CVE-2019-8259",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "UltraVNC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.2.2.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "UltraVNC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1199."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665: Improper Initialization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-005-ultravnc-memory-leak/",
              "refsource": "MISC",
              "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-005-ultravnc-memory-leak/"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
    "assignerShortName": "Kaspersky",
    "cveId": "CVE-2019-8259",
    "datePublished": "2019-03-05T15:00:00.000Z",
    "dateReserved": "2019-02-12T00:00:00.000Z",
    "dateUpdated": "2024-09-16T20:59:11.748Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1840 (GCVE-0-2019-1840)

Vulnerability from cvelistv5 – Published: 2019-04-18 01:25 – Updated: 2024-11-19 19:10
VLAI
Title
Cisco Prime Network Registrar Denial of Service Vulnerability
Summary
A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation when a custom extension attempts to change a DHCPv6 packet received by the application. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to the application. An exploit could allow the attacker to trigger a restart of the service which, if exploited repeatedly, might lead to a DoS condition. This vulnerability can only be exploited if the administrator of the server has previously installed custom extensions that attempt to modify the packet details before the packet has been processed. Note: Although the CVSS score matches a High SIR, this has been lowered to Medium because this condition will only affect an application that has customer-developed extensions that will attempt to modify packet parameters before the packet has been completely sanitized. If packet modification in a custom extension happens after the packet has been sanitized, the application will not be affected by this vulnerability. Software versions prior to 8.3(7) and 9.1(2) are affected.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/108033 vdb-entryx_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco Prime Network Registrar Affected: unspecified , < 8.3(7) (custom)
Affected: unspecified , < 9.1(2) (custom)
Create a notification for this product.
Date Public
2019-04-17 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.868Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190417 Cisco Prime Network Registrar Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-pnr-dos"
          },
          {
            "name": "108033",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108033"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1840",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:40.763581Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:10:35.693Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Prime Network Registrar",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "8.3(7)",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1(2)",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-04-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation when a custom extension attempts to change a DHCPv6 packet received by the application. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to the application. An exploit could allow the attacker to trigger a restart of the service which, if exploited repeatedly, might lead to a DoS condition. This vulnerability can only be exploited if the administrator of the server has previously installed custom extensions that attempt to modify the packet details before the packet has been processed. Note: Although the CVSS score matches a High SIR, this has been lowered to Medium because this condition will only affect an application that has customer-developed extensions that will attempt to modify packet parameters before the packet has been completely sanitized. If packet modification in a custom extension happens after the packet has been sanitized, the application will not be affected by this vulnerability. Software versions prior to 8.3(7) and 9.1(2) are affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-23T09:06:05.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190417 Cisco Prime Network Registrar Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-pnr-dos"
        },
        {
          "name": "108033",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108033"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190417-pnr-dos",
        "defect": [
          [
            "CSCvn20662"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Prime Network Registrar Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-04-17T16:00:00-0700",
          "ID": "CVE-2019-1840",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Prime Network Registrar Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Prime Network Registrar",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.3(7)"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "9.1(2)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation when a custom extension attempts to change a DHCPv6 packet received by the application. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to the application. An exploit could allow the attacker to trigger a restart of the service which, if exploited repeatedly, might lead to a DoS condition. This vulnerability can only be exploited if the administrator of the server has previously installed custom extensions that attempt to modify the packet details before the packet has been processed. Note: Although the CVSS score matches a High SIR, this has been lowered to Medium because this condition will only affect an application that has customer-developed extensions that will attempt to modify packet parameters before the packet has been completely sanitized. If packet modification in a custom extension happens after the packet has been sanitized, the application will not be affected by this vulnerability. Software versions prior to 8.3(7) and 9.1(2) are affected."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190417 Cisco Prime Network Registrar Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-pnr-dos"
            },
            {
              "name": "108033",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108033"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190417-pnr-dos",
          "defect": [
            [
              "CSCvn20662"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1840",
    "datePublished": "2019-04-18T01:25:14.617Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-19T19:10:35.693Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-1761 (GCVE-0-2019-1761)

Vulnerability from cvelistv5 – Published: 2019-03-28 00:25 – Updated: 2024-11-21 19:41
VLAI
Title
Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability
Summary
A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 traffic from an adjacent HSRP member. A successful exploit could allow the attacker to receive potentially sensitive information from the adjacent device.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/107620 vdb-entryx_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco IOS and IOS XE Software Affected: 3.2.0SG
Affected: 3.2.1SG
Affected: 3.2.2SG
Affected: 3.2.3SG
Affected: 3.2.4SG
Affected: 3.2.5SG
Affected: 3.2.6SG
Affected: 3.2.7SG
Affected: 3.2.8SG
Affected: 3.2.9SG
Affected: 3.2.10SG
Affected: 3.2.11SG
Affected: 3.7.0S
Affected: 3.7.1S
Affected: 3.7.2S
Affected: 3.7.3S
Affected: 3.7.4S
Affected: 3.7.5S
Affected: 3.7.6S
Affected: 3.7.7S
Affected: 3.7.8S
Affected: 3.7.4aS
Affected: 3.7.2tS
Affected: 3.7.0bS
Affected: 3.7.1aS
Affected: 3.3.0SG
Affected: 3.3.2SG
Affected: 3.3.1SG
Affected: 3.8.0S
Affected: 3.8.1S
Affected: 3.8.2S
Affected: 3.9.1S
Affected: 3.9.0S
Affected: 3.9.2S
Affected: 3.9.1aS
Affected: 3.9.0aS
Affected: 3.2.0SE
Affected: 3.2.1SE
Affected: 3.2.2SE
Affected: 3.2.3SE
Affected: 3.3.0SE
Affected: 3.3.1SE
Affected: 3.3.2SE
Affected: 3.3.3SE
Affected: 3.3.4SE
Affected: 3.3.5SE
Affected: 3.3.0XO
Affected: 3.3.1XO
Affected: 3.3.2XO
Affected: 3.4.0SG
Affected: 3.4.2SG
Affected: 3.4.1SG
Affected: 3.4.3SG
Affected: 3.4.4SG
Affected: 3.4.5SG
Affected: 3.4.6SG
Affected: 3.4.7SG
Affected: 3.4.8SG
Affected: 3.5.0E
Affected: 3.5.1E
Affected: 3.5.2E
Affected: 3.5.3E
Affected: 3.10.0S
Affected: 3.10.1S
Affected: 3.10.2S
Affected: 3.10.3S
Affected: 3.10.4S
Affected: 3.10.5S
Affected: 3.10.6S
Affected: 3.10.2aS
Affected: 3.10.2tS
Affected: 3.10.7S
Affected: 3.10.8S
Affected: 3.10.8aS
Affected: 3.10.9S
Affected: 3.10.10S
Affected: 3.11.1S
Affected: 3.11.2S
Affected: 3.11.0S
Affected: 3.11.3S
Affected: 3.11.4S
Affected: 3.12.0S
Affected: 3.12.1S
Affected: 3.12.2S
Affected: 3.12.3S
Affected: 3.12.0aS
Affected: 3.12.4S
Affected: 3.13.0S
Affected: 3.13.1S
Affected: 3.13.2S
Affected: 3.13.3S
Affected: 3.13.4S
Affected: 3.13.5S
Affected: 3.13.2aS
Affected: 3.13.0aS
Affected: 3.13.5aS
Affected: 3.13.6S
Affected: 3.13.7S
Affected: 3.13.6aS
Affected: 3.13.6bS
Affected: 3.13.7aS
Affected: 3.13.8S
Affected: 3.13.9S
Affected: 3.13.10S
Affected: 3.6.0E
Affected: 3.6.1E
Affected: 3.6.0aE
Affected: 3.6.0bE
Affected: 3.6.2aE
Affected: 3.6.2E
Affected: 3.6.3E
Affected: 3.6.4E
Affected: 3.6.5E
Affected: 3.6.6E
Affected: 3.6.5aE
Affected: 3.6.5bE
Affected: 3.6.7E
Affected: 3.6.8E
Affected: 3.6.7aE
Affected: 3.6.7bE
Affected: 3.6.9E
Affected: 3.6.9aE
Affected: 3.14.0S
Affected: 3.14.1S
Affected: 3.14.2S
Affected: 3.14.3S
Affected: 3.14.4S
Affected: 3.15.0S
Affected: 3.15.1S
Affected: 3.15.2S
Affected: 3.15.1cS
Affected: 3.15.3S
Affected: 3.15.4S
Affected: 3.3.0SQ
Affected: 3.3.1SQ
Affected: 3.4.0SQ
Affected: 3.4.1SQ
Affected: 3.7.0E
Affected: 3.7.1E
Affected: 3.7.2E
Affected: 3.7.3E
Affected: 3.7.4E
Affected: 3.7.5E
Affected: 3.5.0SQ
Affected: 3.5.1SQ
Affected: 3.5.2SQ
Affected: 3.5.3SQ
Affected: 3.5.4SQ
Affected: 3.5.5SQ
Affected: 3.5.6SQ
Affected: 3.5.7SQ
Affected: 3.5.8SQ
Affected: 3.16.0S
Affected: 3.16.1S
Affected: 3.16.0aS
Affected: 3.16.1aS
Affected: 3.16.2S
Affected: 3.16.2aS
Affected: 3.16.0bS
Affected: 3.16.0cS
Affected: 3.16.3S
Affected: 3.16.2bS
Affected: 3.16.3aS
Affected: 3.16.4S
Affected: 3.16.4aS
Affected: 3.16.4bS
Affected: 3.16.4gS
Affected: 3.16.5S
Affected: 3.16.4cS
Affected: 3.16.4dS
Affected: 3.16.4eS
Affected: 3.16.6S
Affected: 3.16.5aS
Affected: 3.16.5bS
Affected: 3.16.7S
Affected: 3.16.6bS
Affected: 3.16.7aS
Affected: 3.16.7bS
Affected: 3.16.8S
Affected: 3.17.0S
Affected: 3.17.1S
Affected: 3.17.2S
Affected: 3.17.1aS
Affected: 3.17.3S
Affected: 3.17.4S
Affected: 16.1.1
Affected: 16.1.2
Affected: 16.1.3
Affected: 3.2.0JA
Affected: 16.2.1
Affected: 16.2.2
Affected: 3.8.0E
Affected: 3.8.1E
Affected: 3.8.2E
Affected: 3.8.3E
Affected: 3.8.4E
Affected: 3.8.5E
Affected: 3.8.5aE
Affected: 3.8.6E
Affected: 3.8.7E
Affected: 16.3.1
Affected: 16.3.2
Affected: 16.3.3
Affected: 16.3.1a
Affected: 16.3.4
Affected: 16.3.5
Affected: 16.3.5b
Affected: 16.3.6
Affected: 16.3.7
Affected: 16.4.1
Affected: 16.4.2
Affected: 16.4.3
Affected: 16.5.1
Affected: 16.5.1a
Affected: 16.5.1b
Affected: 16.5.2
Affected: 16.5.3
Affected: 3.18.0aS
Affected: 3.18.0S
Affected: 3.18.1S
Affected: 3.18.2S
Affected: 3.18.3S
Affected: 3.18.4S
Affected: 3.18.0SP
Affected: 3.18.1SP
Affected: 3.18.1aSP
Affected: 3.18.1gSP
Affected: 3.18.1bSP
Affected: 3.18.1cSP
Affected: 3.18.2SP
Affected: 3.18.1hSP
Affected: 3.18.2aSP
Affected: 3.18.1iSP
Affected: 3.18.3SP
Affected: 3.18.4SP
Affected: 3.18.3aSP
Affected: 3.18.3bSP
Affected: 3.18.5SP
Affected: 3.9.0E
Affected: 3.9.1E
Affected: 3.9.2E
Affected: 3.9.2bE
Affected: 16.6.1
Affected: 16.6.2
Affected: 16.6.3
Affected: 16.6.4
Affected: 16.6.4s
Affected: 16.6.4a
Affected: 16.7.1
Affected: 16.7.1a
Affected: 16.7.1b
Affected: 16.7.2
Affected: 16.8.1
Affected: 16.8.1a
Affected: 16.8.1b
Affected: 16.8.1s
Affected: 16.8.1c
Affected: 16.8.1d
Affected: 16.8.2
Affected: 16.8.1e
Affected: 16.9.1
Affected: 16.9.1a
Affected: 16.9.1b
Affected: 16.9.1s
Affected: 16.9.1c
Affected: 16.9.1d
Affected: 3.10.0E
Affected: 3.10.1E
Affected: 3.10.0cE
Affected: 3.10.2E
Affected: 3.10.1aE
Affected: 3.10.1sE
Create a notification for this product.
Date Public
2019-03-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.469Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190327 Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ios-infoleak"
          },
          {
            "name": "107620",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107620"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1761",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:59:47.091418Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:41:22.576Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS and IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.2.0SG"
            },
            {
              "status": "affected",
              "version": "3.2.1SG"
            },
            {
              "status": "affected",
              "version": "3.2.2SG"
            },
            {
              "status": "affected",
              "version": "3.2.3SG"
            },
            {
              "status": "affected",
              "version": "3.2.4SG"
            },
            {
              "status": "affected",
              "version": "3.2.5SG"
            },
            {
              "status": "affected",
              "version": "3.2.6SG"
            },
            {
              "status": "affected",
              "version": "3.2.7SG"
            },
            {
              "status": "affected",
              "version": "3.2.8SG"
            },
            {
              "status": "affected",
              "version": "3.2.9SG"
            },
            {
              "status": "affected",
              "version": "3.2.10SG"
            },
            {
              "status": "affected",
              "version": "3.2.11SG"
            },
            {
              "status": "affected",
              "version": "3.7.0S"
            },
            {
              "status": "affected",
              "version": "3.7.1S"
            },
            {
              "status": "affected",
              "version": "3.7.2S"
            },
            {
              "status": "affected",
              "version": "3.7.3S"
            },
            {
              "status": "affected",
              "version": "3.7.4S"
            },
            {
              "status": "affected",
              "version": "3.7.5S"
            },
            {
              "status": "affected",
              "version": "3.7.6S"
            },
            {
              "status": "affected",
              "version": "3.7.7S"
            },
            {
              "status": "affected",
              "version": "3.7.8S"
            },
            {
              "status": "affected",
              "version": "3.7.4aS"
            },
            {
              "status": "affected",
              "version": "3.7.2tS"
            },
            {
              "status": "affected",
              "version": "3.7.0bS"
            },
            {
              "status": "affected",
              "version": "3.7.1aS"
            },
            {
              "status": "affected",
              "version": "3.3.0SG"
            },
            {
              "status": "affected",
              "version": "3.3.2SG"
            },
            {
              "status": "affected",
              "version": "3.3.1SG"
            },
            {
              "status": "affected",
              "version": "3.8.0S"
            },
            {
              "status": "affected",
              "version": "3.8.1S"
            },
            {
              "status": "affected",
              "version": "3.8.2S"
            },
            {
              "status": "affected",
              "version": "3.9.1S"
            },
            {
              "status": "affected",
              "version": "3.9.0S"
            },
            {
              "status": "affected",
              "version": "3.9.2S"
            },
            {
              "status": "affected",
              "version": "3.9.1aS"
            },
            {
              "status": "affected",
              "version": "3.9.0aS"
            },
            {
              "status": "affected",
              "version": "3.2.0SE"
            },
            {
              "status": "affected",
              "version": "3.2.1SE"
            },
            {
              "status": "affected",
              "version": "3.2.2SE"
            },
            {
              "status": "affected",
              "version": "3.2.3SE"
            },
            {
              "status": "affected",
              "version": "3.3.0SE"
            },
            {
              "status": "affected",
              "version": "3.3.1SE"
            },
            {
              "status": "affected",
              "version": "3.3.2SE"
            },
            {
              "status": "affected",
              "version": "3.3.3SE"
            },
            {
              "status": "affected",
              "version": "3.3.4SE"
            },
            {
              "status": "affected",
              "version": "3.3.5SE"
            },
            {
              "status": "affected",
              "version": "3.3.0XO"
            },
            {
              "status": "affected",
              "version": "3.3.1XO"
            },
            {
              "status": "affected",
              "version": "3.3.2XO"
            },
            {
              "status": "affected",
              "version": "3.4.0SG"
            },
            {
              "status": "affected",
              "version": "3.4.2SG"
            },
            {
              "status": "affected",
              "version": "3.4.1SG"
            },
            {
              "status": "affected",
              "version": "3.4.3SG"
            },
            {
              "status": "affected",
              "version": "3.4.4SG"
            },
            {
              "status": "affected",
              "version": "3.4.5SG"
            },
            {
              "status": "affected",
              "version": "3.4.6SG"
            },
            {
              "status": "affected",
              "version": "3.4.7SG"
            },
            {
              "status": "affected",
              "version": "3.4.8SG"
            },
            {
              "status": "affected",
              "version": "3.5.0E"
            },
            {
              "status": "affected",
              "version": "3.5.1E"
            },
            {
              "status": "affected",
              "version": "3.5.2E"
            },
            {
              "status": "affected",
              "version": "3.5.3E"
            },
            {
              "status": "affected",
              "version": "3.10.0S"
            },
            {
              "status": "affected",
              "version": "3.10.1S"
            },
            {
              "status": "affected",
              "version": "3.10.2S"
            },
            {
              "status": "affected",
              "version": "3.10.3S"
            },
            {
              "status": "affected",
              "version": "3.10.4S"
            },
            {
              "status": "affected",
              "version": "3.10.5S"
            },
            {
              "status": "affected",
              "version": "3.10.6S"
            },
            {
              "status": "affected",
              "version": "3.10.2aS"
            },
            {
              "status": "affected",
              "version": "3.10.2tS"
            },
            {
              "status": "affected",
              "version": "3.10.7S"
            },
            {
              "status": "affected",
              "version": "3.10.8S"
            },
            {
              "status": "affected",
              "version": "3.10.8aS"
            },
            {
              "status": "affected",
              "version": "3.10.9S"
            },
            {
              "status": "affected",
              "version": "3.10.10S"
            },
            {
              "status": "affected",
              "version": "3.11.1S"
            },
            {
              "status": "affected",
              "version": "3.11.2S"
            },
            {
              "status": "affected",
              "version": "3.11.0S"
            },
            {
              "status": "affected",
              "version": "3.11.3S"
            },
            {
              "status": "affected",
              "version": "3.11.4S"
            },
            {
              "status": "affected",
              "version": "3.12.0S"
            },
            {
              "status": "affected",
              "version": "3.12.1S"
            },
            {
              "status": "affected",
              "version": "3.12.2S"
            },
            {
              "status": "affected",
              "version": "3.12.3S"
            },
            {
              "status": "affected",
              "version": "3.12.0aS"
            },
            {
              "status": "affected",
              "version": "3.12.4S"
            },
            {
              "status": "affected",
              "version": "3.13.0S"
            },
            {
              "status": "affected",
              "version": "3.13.1S"
            },
            {
              "status": "affected",
              "version": "3.13.2S"
            },
            {
              "status": "affected",
              "version": "3.13.3S"
            },
            {
              "status": "affected",
              "version": "3.13.4S"
            },
            {
              "status": "affected",
              "version": "3.13.5S"
            },
            {
              "status": "affected",
              "version": "3.13.2aS"
            },
            {
              "status": "affected",
              "version": "3.13.0aS"
            },
            {
              "status": "affected",
              "version": "3.13.5aS"
            },
            {
              "status": "affected",
              "version": "3.13.6S"
            },
            {
              "status": "affected",
              "version": "3.13.7S"
            },
            {
              "status": "affected",
              "version": "3.13.6aS"
            },
            {
              "status": "affected",
              "version": "3.13.6bS"
            },
            {
              "status": "affected",
              "version": "3.13.7aS"
            },
            {
              "status": "affected",
              "version": "3.13.8S"
            },
            {
              "status": "affected",
              "version": "3.13.9S"
            },
            {
              "status": "affected",
              "version": "3.13.10S"
            },
            {
              "status": "affected",
              "version": "3.6.0E"
            },
            {
              "status": "affected",
              "version": "3.6.1E"
            },
            {
              "status": "affected",
              "version": "3.6.0aE"
            },
            {
              "status": "affected",
              "version": "3.6.0bE"
            },
            {
              "status": "affected",
              "version": "3.6.2aE"
            },
            {
              "status": "affected",
              "version": "3.6.2E"
            },
            {
              "status": "affected",
              "version": "3.6.3E"
            },
            {
              "status": "affected",
              "version": "3.6.4E"
            },
            {
              "status": "affected",
              "version": "3.6.5E"
            },
            {
              "status": "affected",
              "version": "3.6.6E"
            },
            {
              "status": "affected",
              "version": "3.6.5aE"
            },
            {
              "status": "affected",
              "version": "3.6.5bE"
            },
            {
              "status": "affected",
              "version": "3.6.7E"
            },
            {
              "status": "affected",
              "version": "3.6.8E"
            },
            {
              "status": "affected",
              "version": "3.6.7aE"
            },
            {
              "status": "affected",
              "version": "3.6.7bE"
            },
            {
              "status": "affected",
              "version": "3.6.9E"
            },
            {
              "status": "affected",
              "version": "3.6.9aE"
            },
            {
              "status": "affected",
              "version": "3.14.0S"
            },
            {
              "status": "affected",
              "version": "3.14.1S"
            },
            {
              "status": "affected",
              "version": "3.14.2S"
            },
            {
              "status": "affected",
              "version": "3.14.3S"
            },
            {
              "status": "affected",
              "version": "3.14.4S"
            },
            {
              "status": "affected",
              "version": "3.15.0S"
            },
            {
              "status": "affected",
              "version": "3.15.1S"
            },
            {
              "status": "affected",
              "version": "3.15.2S"
            },
            {
              "status": "affected",
              "version": "3.15.1cS"
            },
            {
              "status": "affected",
              "version": "3.15.3S"
            },
            {
              "status": "affected",
              "version": "3.15.4S"
            },
            {
              "status": "affected",
              "version": "3.3.0SQ"
            },
            {
              "status": "affected",
              "version": "3.3.1SQ"
            },
            {
              "status": "affected",
              "version": "3.4.0SQ"
            },
            {
              "status": "affected",
              "version": "3.4.1SQ"
            },
            {
              "status": "affected",
              "version": "3.7.0E"
            },
            {
              "status": "affected",
              "version": "3.7.1E"
            },
            {
              "status": "affected",
              "version": "3.7.2E"
            },
            {
              "status": "affected",
              "version": "3.7.3E"
            },
            {
              "status": "affected",
              "version": "3.7.4E"
            },
            {
              "status": "affected",
              "version": "3.7.5E"
            },
            {
              "status": "affected",
              "version": "3.5.0SQ"
            },
            {
              "status": "affected",
              "version": "3.5.1SQ"
            },
            {
              "status": "affected",
              "version": "3.5.2SQ"
            },
            {
              "status": "affected",
              "version": "3.5.3SQ"
            },
            {
              "status": "affected",
              "version": "3.5.4SQ"
            },
            {
              "status": "affected",
              "version": "3.5.5SQ"
            },
            {
              "status": "affected",
              "version": "3.5.6SQ"
            },
            {
              "status": "affected",
              "version": "3.5.7SQ"
            },
            {
              "status": "affected",
              "version": "3.5.8SQ"
            },
            {
              "status": "affected",
              "version": "3.16.0S"
            },
            {
              "status": "affected",
              "version": "3.16.1S"
            },
            {
              "status": "affected",
              "version": "3.16.0aS"
            },
            {
              "status": "affected",
              "version": "3.16.1aS"
            },
            {
              "status": "affected",
              "version": "3.16.2S"
            },
            {
              "status": "affected",
              "version": "3.16.2aS"
            },
            {
              "status": "affected",
              "version": "3.16.0bS"
            },
            {
              "status": "affected",
              "version": "3.16.0cS"
            },
            {
              "status": "affected",
              "version": "3.16.3S"
            },
            {
              "status": "affected",
              "version": "3.16.2bS"
            },
            {
              "status": "affected",
              "version": "3.16.3aS"
            },
            {
              "status": "affected",
              "version": "3.16.4S"
            },
            {
              "status": "affected",
              "version": "3.16.4aS"
            },
            {
              "status": "affected",
              "version": "3.16.4bS"
            },
            {
              "status": "affected",
              "version": "3.16.4gS"
            },
            {
              "status": "affected",
              "version": "3.16.5S"
            },
            {
              "status": "affected",
              "version": "3.16.4cS"
            },
            {
              "status": "affected",
              "version": "3.16.4dS"
            },
            {
              "status": "affected",
              "version": "3.16.4eS"
            },
            {
              "status": "affected",
              "version": "3.16.6S"
            },
            {
              "status": "affected",
              "version": "3.16.5aS"
            },
            {
              "status": "affected",
              "version": "3.16.5bS"
            },
            {
              "status": "affected",
              "version": "3.16.7S"
            },
            {
              "status": "affected",
              "version": "3.16.6bS"
            },
            {
              "status": "affected",
              "version": "3.16.7aS"
            },
            {
              "status": "affected",
              "version": "3.16.7bS"
            },
            {
              "status": "affected",
              "version": "3.16.8S"
            },
            {
              "status": "affected",
              "version": "3.17.0S"
            },
            {
              "status": "affected",
              "version": "3.17.1S"
            },
            {
              "status": "affected",
              "version": "3.17.2S"
            },
            {
              "status": "affected",
              "version": "3.17.1aS"
            },
            {
              "status": "affected",
              "version": "3.17.3S"
            },
            {
              "status": "affected",
              "version": "3.17.4S"
            },
            {
              "status": "affected",
              "version": "16.1.1"
            },
            {
              "status": "affected",
              "version": "16.1.2"
            },
            {
              "status": "affected",
              "version": "16.1.3"
            },
            {
              "status": "affected",
              "version": "3.2.0JA"
            },
            {
              "status": "affected",
              "version": "16.2.1"
            },
            {
              "status": "affected",
              "version": "16.2.2"
            },
            {
              "status": "affected",
              "version": "3.8.0E"
            },
            {
              "status": "affected",
              "version": "3.8.1E"
            },
            {
              "status": "affected",
              "version": "3.8.2E"
            },
            {
              "status": "affected",
              "version": "3.8.3E"
            },
            {
              "status": "affected",
              "version": "3.8.4E"
            },
            {
              "status": "affected",
              "version": "3.8.5E"
            },
            {
              "status": "affected",
              "version": "3.8.5aE"
            },
            {
              "status": "affected",
              "version": "3.8.6E"
            },
            {
              "status": "affected",
              "version": "3.8.7E"
            },
            {
              "status": "affected",
              "version": "16.3.1"
            },
            {
              "status": "affected",
              "version": "16.3.2"
            },
            {
              "status": "affected",
              "version": "16.3.3"
            },
            {
              "status": "affected",
              "version": "16.3.1a"
            },
            {
              "status": "affected",
              "version": "16.3.4"
            },
            {
              "status": "affected",
              "version": "16.3.5"
            },
            {
              "status": "affected",
              "version": "16.3.5b"
            },
            {
              "status": "affected",
              "version": "16.3.6"
            },
            {
              "status": "affected",
              "version": "16.3.7"
            },
            {
              "status": "affected",
              "version": "16.4.1"
            },
            {
              "status": "affected",
              "version": "16.4.2"
            },
            {
              "status": "affected",
              "version": "16.4.3"
            },
            {
              "status": "affected",
              "version": "16.5.1"
            },
            {
              "status": "affected",
              "version": "16.5.1a"
            },
            {
              "status": "affected",
              "version": "16.5.1b"
            },
            {
              "status": "affected",
              "version": "16.5.2"
            },
            {
              "status": "affected",
              "version": "16.5.3"
            },
            {
              "status": "affected",
              "version": "3.18.0aS"
            },
            {
              "status": "affected",
              "version": "3.18.0S"
            },
            {
              "status": "affected",
              "version": "3.18.1S"
            },
            {
              "status": "affected",
              "version": "3.18.2S"
            },
            {
              "status": "affected",
              "version": "3.18.3S"
            },
            {
              "status": "affected",
              "version": "3.18.4S"
            },
            {
              "status": "affected",
              "version": "3.18.0SP"
            },
            {
              "status": "affected",
              "version": "3.18.1SP"
            },
            {
              "status": "affected",
              "version": "3.18.1aSP"
            },
            {
              "status": "affected",
              "version": "3.18.1gSP"
            },
            {
              "status": "affected",
              "version": "3.18.1bSP"
            },
            {
              "status": "affected",
              "version": "3.18.1cSP"
            },
            {
              "status": "affected",
              "version": "3.18.2SP"
            },
            {
              "status": "affected",
              "version": "3.18.1hSP"
            },
            {
              "status": "affected",
              "version": "3.18.2aSP"
            },
            {
              "status": "affected",
              "version": "3.18.1iSP"
            },
            {
              "status": "affected",
              "version": "3.18.3SP"
            },
            {
              "status": "affected",
              "version": "3.18.4SP"
            },
            {
              "status": "affected",
              "version": "3.18.3aSP"
            },
            {
              "status": "affected",
              "version": "3.18.3bSP"
            },
            {
              "status": "affected",
              "version": "3.18.5SP"
            },
            {
              "status": "affected",
              "version": "3.9.0E"
            },
            {
              "status": "affected",
              "version": "3.9.1E"
            },
            {
              "status": "affected",
              "version": "3.9.2E"
            },
            {
              "status": "affected",
              "version": "3.9.2bE"
            },
            {
              "status": "affected",
              "version": "16.6.1"
            },
            {
              "status": "affected",
              "version": "16.6.2"
            },
            {
              "status": "affected",
              "version": "16.6.3"
            },
            {
              "status": "affected",
              "version": "16.6.4"
            },
            {
              "status": "affected",
              "version": "16.6.4s"
            },
            {
              "status": "affected",
              "version": "16.6.4a"
            },
            {
              "status": "affected",
              "version": "16.7.1"
            },
            {
              "status": "affected",
              "version": "16.7.1a"
            },
            {
              "status": "affected",
              "version": "16.7.1b"
            },
            {
              "status": "affected",
              "version": "16.7.2"
            },
            {
              "status": "affected",
              "version": "16.8.1"
            },
            {
              "status": "affected",
              "version": "16.8.1a"
            },
            {
              "status": "affected",
              "version": "16.8.1b"
            },
            {
              "status": "affected",
              "version": "16.8.1s"
            },
            {
              "status": "affected",
              "version": "16.8.1c"
            },
            {
              "status": "affected",
              "version": "16.8.1d"
            },
            {
              "status": "affected",
              "version": "16.8.2"
            },
            {
              "status": "affected",
              "version": "16.8.1e"
            },
            {
              "status": "affected",
              "version": "16.9.1"
            },
            {
              "status": "affected",
              "version": "16.9.1a"
            },
            {
              "status": "affected",
              "version": "16.9.1b"
            },
            {
              "status": "affected",
              "version": "16.9.1s"
            },
            {
              "status": "affected",
              "version": "16.9.1c"
            },
            {
              "status": "affected",
              "version": "16.9.1d"
            },
            {
              "status": "affected",
              "version": "3.10.0E"
            },
            {
              "status": "affected",
              "version": "3.10.1E"
            },
            {
              "status": "affected",
              "version": "3.10.0cE"
            },
            {
              "status": "affected",
              "version": "3.10.2E"
            },
            {
              "status": "affected",
              "version": "3.10.1aE"
            },
            {
              "status": "affected",
              "version": "3.10.1sE"
            }
          ]
        }
      ],
      "datePublic": "2019-03-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 traffic from an adjacent HSRP member. A successful exploit could allow the attacker to receive potentially sensitive information from the adjacent device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-29T08:06:05.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190327 Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ios-infoleak"
        },
        {
          "name": "107620",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107620"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190327-ios-infoleak",
        "defect": [
          [
            "CSCvj98575"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-03-27T16:00:00-0700",
          "ID": "CVE-2019-1761",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS and IOS XE Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "3.2.0SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.1SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.2SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.3SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.4SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.5SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.6SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.7SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.8SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.9SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.10SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.11SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.5S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.6S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.7S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.8S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.4aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.2tS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.0bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.1aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.0SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.2SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.1SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.1aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.0SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.1SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.2SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.3SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.0SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.1SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.2SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.3SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.4SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.5SE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.0XO"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.1XO"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.2XO"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.0SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.2SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.1SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.3SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.4SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.5SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.6SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.7SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.8SG"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.3E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.5S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.6S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.2aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.2tS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.7S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.8S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.8aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.9S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.10S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.11.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.12.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.5S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.2aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.5aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.6S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.7S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.6aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.6bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.7aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.8S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.9S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.13.10S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.0aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.0bE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.2aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.3E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.4E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.5E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.6E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.5aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.5bE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.7E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.8E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.7aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.7bE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.9E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.6.9aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.14.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.1cS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.15.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.0SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.3.1SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.0SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.4.1SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.3E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.4E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.7.5E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.0SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.1SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.2SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.3SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.4SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.5SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.6SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.7SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.5.8SQ"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.1aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.2aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.0bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.0cS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.2bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.3aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4gS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.5S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4cS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4dS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.4eS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.6S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.5aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.5bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.7S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.6bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.7aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.7bS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.16.8S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.1aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.17.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.1.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.1.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.1.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.2.0JA"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.2.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.2.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.3E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.4E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.5E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.5aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.6E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.8.7E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.1a"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.4"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.5"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.5b"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.6"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.3.7"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.4.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.4.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.4.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.1a"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.1b"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.5.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.0aS"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.0S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.2S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.3S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.4S"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.0SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1aSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1gSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1bSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1cSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.2SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1hSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.2aSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.1iSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.3SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.4SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.3aSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.3bSP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.18.5SP"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.9.2bE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.6.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.6.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.6.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.6.4"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.6.4s"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.6.4a"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.7.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.7.1a"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.7.1b"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.7.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.8.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.8.1a"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.8.1b"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.8.1s"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.8.1c"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.8.1d"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.8.2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.8.1e"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.9.1"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.9.1a"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.9.1b"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.9.1s"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.9.1c"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "16.9.1d"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.0E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.1E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.0cE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.2E"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.1aE"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "3.10.1sE"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. The vulnerability is due to insufficient memory initialization. An attacker could exploit this vulnerability by receiving HSRPv2 traffic from an adjacent HSRP member. A successful exploit could allow the attacker to receive potentially sensitive information from the adjacent device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.3",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190327 Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ios-infoleak"
            },
            {
              "name": "107620",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107620"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190327-ios-infoleak",
          "defect": [
            [
              "CSCvj98575"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1761",
    "datePublished": "2019-03-28T00:25:15.422Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2024-11-21T19:41:22.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-14647 (GCVE-0-2018-14647)

Vulnerability from cvelistv5 – Published: 2018-09-25 00:00 – Updated: 2024-08-05 09:38
VLAI
Summary
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.
Assigner
References
URL Tags
https://www.debian.org/security/2018/dsa-4306 vendor-advisoryx_refsource_DEBIAN
https://usn.ubuntu.com/3817-2/ vendor-advisoryx_refsource_UBUNTU
http://www.securitytracker.com/id/1041740 vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/105396 vdb-entryx_refsource_BID
https://www.debian.org/security/2018/dsa-4307 vendor-advisoryx_refsource_DEBIAN
https://bugs.python.org/issue34623 x_refsource_MISC
https://usn.ubuntu.com/3817-1/ vendor-advisoryx_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
https://access.redhat.com/errata/RHSA-2019:1260 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019… mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:2030 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3725 vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://lists.apache.org/thread.html/r1b103833cb5… mailing-listx_refsource_MLIST
Impacted products
Vendor Product Version
The Python Project Python Affected: 3.8, 3.7, 3.6, 3.5, 3.4, 2.7
Create a notification for this product.
Date Public
2018-09-21 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:38:13.104Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4306",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4306"
          },
          {
            "name": "USN-3817-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3817-2/"
          },
          {
            "name": "1041740",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041740"
          },
          {
            "name": "105396",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105396"
          },
          {
            "name": "DSA-4307",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4307"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.python.org/issue34623"
          },
          {
            "name": "USN-3817-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3817-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14647"
          },
          {
            "name": "FEDORA-2019-0c91ce7b3c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBJCB2HWOJLP3L7CUQHJHNBHLSVOXJE5/"
          },
          {
            "name": "RHSA-2019:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1260"
          },
          {
            "name": "[debian-lts-announce] 20190625 [SECURITY] [DLA 1834-1] python2.7 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"
          },
          {
            "name": "[debian-lts-announce] 20190625 [SECURITY] [DLA 1835-1] python3.4 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html"
          },
          {
            "name": "RHSA-2019:2030",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2030"
          },
          {
            "name": "RHSA-2019:3725",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3725"
          },
          {
            "name": "openSUSE-SU-2020:0086",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
          },
          {
            "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Python",
          "vendor": "The Python Project",
          "versions": [
            {
              "status": "affected",
              "version": "3.8, 3.7, 3.6, 3.5, 3.4, 2.7"
            }
          ]
        }
      ],
      "datePublic": "2018-09-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Python\u0027s elementtree C accelerator failed to initialise Expat\u0027s hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat\u0027s internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-335",
              "description": "CWE-335",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-29T11:06:41.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-4306",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4306"
        },
        {
          "name": "USN-3817-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3817-2/"
        },
        {
          "name": "1041740",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041740"
        },
        {
          "name": "105396",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105396"
        },
        {
          "name": "DSA-4307",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4307"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.python.org/issue34623"
        },
        {
          "name": "USN-3817-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3817-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14647"
        },
        {
          "name": "FEDORA-2019-0c91ce7b3c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBJCB2HWOJLP3L7CUQHJHNBHLSVOXJE5/"
        },
        {
          "name": "RHSA-2019:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1260"
        },
        {
          "name": "[debian-lts-announce] 20190625 [SECURITY] [DLA 1834-1] python2.7 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"
        },
        {
          "name": "[debian-lts-announce] 20190625 [SECURITY] [DLA 1835-1] python3.4 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html"
        },
        {
          "name": "RHSA-2019:2030",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2030"
        },
        {
          "name": "RHSA-2019:3725",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3725"
        },
        {
          "name": "openSUSE-SU-2020:0086",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
        },
        {
          "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2018-14647",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Python",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.8, 3.7, 3.6, 3.5, 3.4, 2.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "The Python Project"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Python\u0027s elementtree C accelerator failed to initialise Expat\u0027s hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat\u0027s internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-335"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4306",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4306"
            },
            {
              "name": "USN-3817-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3817-2/"
            },
            {
              "name": "1041740",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041740"
            },
            {
              "name": "105396",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105396"
            },
            {
              "name": "DSA-4307",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4307"
            },
            {
              "name": "https://bugs.python.org/issue34623",
              "refsource": "MISC",
              "url": "https://bugs.python.org/issue34623"
            },
            {
              "name": "USN-3817-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3817-1/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14647",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14647"
            },
            {
              "name": "FEDORA-2019-0c91ce7b3c",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBJCB2HWOJLP3L7CUQHJHNBHLSVOXJE5/"
            },
            {
              "name": "RHSA-2019:1260",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1260"
            },
            {
              "name": "[debian-lts-announce] 20190625 [SECURITY] [DLA 1834-1] python2.7 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"
            },
            {
              "name": "[debian-lts-announce] 20190625 [SECURITY] [DLA 1835-1] python3.4 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html"
            },
            {
              "name": "RHSA-2019:2030",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2030"
            },
            {
              "name": "RHSA-2019:3725",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3725"
            },
            {
              "name": "openSUSE-SU-2020:0086",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
            },
            {
              "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-14647",
    "datePublished": "2018-09-25T00:00:00.000Z",
    "dateReserved": "2018-07-27T00:00:00.000Z",
    "dateUpdated": "2024-08-05T09:38:13.104Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-14282 (GCVE-0-2018-14282)

Vulnerability from cvelistv5 – Published: 2018-07-31 20:00 – Updated: 2024-08-05 09:21
VLAI
Summary
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of FlateDecode streams. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5763.
Severity
No CVSS data available.
CWE
  • CWE-665 - Improper Initialization
Assigner
zdi
References
Impacted products
Vendor Product Version
Foxit Foxit Reader Affected: 9.0.1.1049
Create a notification for this product.
Date Public
2018-07-19 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:21:41.542Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://zerodayinitiative.com/advisories/ZDI-18-742"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Foxit Reader",
          "vendor": "Foxit",
          "versions": [
            {
              "status": "affected",
              "version": "9.0.1.1049"
            }
          ]
        }
      ],
      "datePublic": "2018-07-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of FlateDecode streams. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5763."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-665",
              "description": "CWE-665-Improper Initialization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-31T19:57:01.000Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://zerodayinitiative.com/advisories/ZDI-18-742"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "zdi-disclosures@trendmicro.com",
          "ID": "CVE-2018-14282",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Foxit Reader",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "9.0.1.1049"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Foxit"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of FlateDecode streams. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5763."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-665-Improper Initialization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://zerodayinitiative.com/advisories/ZDI-18-742",
              "refsource": "MISC",
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-742"
            },
            {
              "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
              "refsource": "CONFIRM",
              "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2018-14282",
    "datePublished": "2018-07-31T20:00:00.000Z",
    "dateReserved": "2018-07-16T00:00:00.000Z",
    "dateUpdated": "2024-08-05T09:21:41.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, in Java, if the programmer does not explicitly initialize a variable, then the code could produce a compile-time error (if the variable is local) or automatically initialize the variable to the default value for the variable's type. In Perl, if explicit initialization is not performed, then a default value of undef is assigned, which is interpreted as 0, false, or an equivalent value depending on the context in which the variable is accessed.
Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all your variables and other data stores, either during declaration or just before the first usage.

Mitigation
Implementation

Pay close attention to complex conditionals that affect initialization, since some conditions might not perform the initialization.

Mitigation
Implementation

Avoid race conditions (CWE-362) during initialization routines.

Mitigation
Build and Compilation

Run or compile your product with settings that generate warnings about uninitialized variables or data.

CAPEC-26: Leveraging Race Conditions

The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.

CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.