Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2019-AVI-288
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Apple AirPort. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AirPort Express, AirPort Extreme et AirPort Time Capsule base stations avec 802.11n sans la mise \u00e0 jour du microgiciel version 7.8.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-8575",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8575"
},
{
"name": "CVE-2018-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6918"
},
{
"name": "CVE-2019-8588",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8588"
},
{
"name": "CVE-2019-7291",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7291"
},
{
"name": "CVE-2019-8580",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8580"
},
{
"name": "CVE-2019-8572",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8572"
},
{
"name": "CVE-2019-8581",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8581"
},
{
"name": "CVE-2019-8578",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8578"
}
],
"initial_release_date": "2019-06-21T00:00:00",
"last_revision_date": "2019-06-21T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-288",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-06-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Apple AirPort.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple AirPort",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT210091 du 20 juin 2019",
"url": "https://support.apple.com/en-us/HT210091"
}
]
}
CVE-2018-6918 (GCVE-0-2018-6918)
Vulnerability from cvelistv5
Published
2018-04-04 14:00
Modified
2024-09-17 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Kernel crash or denial of service
Summary
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, the length field of the ipsec option header does not count the size of the option header itself, causing an infinite loop when the length is zero. This issue can allow a remote attacker who is able to send an arbitrary packet to cause the machine to crash.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040628",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040628"
},
{
"name": "FreeBSD-SA-18:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:05.ipsec.asc"
},
{
"name": "103666",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103666"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210090"
},
{
"name": "20190531 APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/77"
},
{
"name": "20190611 APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"status": "affected",
"version": "All supported versions of FreeBSD."
}
]
}
],
"datePublic": "2018-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, the length field of the ipsec option header does not count the size of the option header itself, causing an infinite loop when the length is zero. This issue can allow a remote attacker who is able to send an arbitrary packet to cause the machine to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Kernel crash or denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-20T20:06:04",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"name": "1040628",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040628"
},
{
"name": "FreeBSD-SA-18:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:05.ipsec.asc"
},
{
"name": "103666",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103666"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210090"
},
{
"name": "20190531 APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/77"
},
{
"name": "20190611 APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secteam@freebsd.org",
"DATE_PUBLIC": "2018-04-04T00:00:00",
"ID": "CVE-2018-6918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FreeBSD",
"version": {
"version_data": [
{
"version_value": "All supported versions of FreeBSD."
}
]
}
}
]
},
"vendor_name": "FreeBSD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, the length field of the ipsec option header does not count the size of the option header itself, causing an infinite loop when the length is zero. This issue can allow a remote attacker who is able to send an arbitrary packet to cause the machine to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Kernel crash or denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040628",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040628"
},
{
"name": "FreeBSD-SA-18:05",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:05.ipsec.asc"
},
{
"name": "103666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103666"
},
{
"name": "https://support.apple.com/kb/HT210090",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210090"
},
{
"name": "20190531 APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/77"
},
{
"name": "20190611 APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/6"
},
{
"name": "https://support.apple.com/kb/HT210091",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2018-6918",
"datePublished": "2018-04-04T14:00:00Z",
"dateReserved": "2018-02-12T00:00:00",
"dateUpdated": "2024-09-17T02:12:06.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8575 (GCVE-0-2019-8575)
Vulnerability from cvelistv5
Published
2020-10-27 19:25
Modified
2024-08-04 21:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A base station factory reset may not delete all user information
Summary
The issue was addressed with improved data deletion. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A base station factory reset may not delete all user information.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | AirPort Base Station Firmware Update |
Version: unspecified < 7.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:28.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved data deletion. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A base station factory reset may not delete all user information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A base station factory reset may not delete all user information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T19:25:33",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.9"
}
]
}
},
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.8"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved data deletion. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A base station factory reset may not delete all user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A base station factory reset may not delete all user information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT210090",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210090"
},
{
"name": "https://support.apple.com/en-us/HT210091",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8575",
"datePublished": "2020-10-27T19:25:33",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:24:28.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8581 (GCVE-0-2019-8581)
Vulnerability from cvelistv5
Published
2020-10-27 19:37
Modified
2024-08-04 21:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A remote attacker may be able to leak memory
Summary
An out-of-bounds read was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to leak memory.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | AirPort Base Station Firmware Update |
Version: unspecified < 7.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:27.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to leak memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to leak memory",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T19:37:37",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8581",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.9"
}
]
}
},
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.8"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to leak memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to leak memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT210090",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210090"
},
{
"name": "https://support.apple.com/en-us/HT210091",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8581",
"datePublished": "2020-10-27T19:37:37",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:24:27.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8588 (GCVE-0-2019-8588)
Vulnerability from cvelistv5
Published
2020-10-27 19:37
Modified
2024-08-04 21:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A remote attacker may be able to cause a system denial of service
Summary
A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | AirPort Base Station Firmware Update |
Version: unspecified < 7.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause a system denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T19:37:50",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8588",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.9"
}
]
}
},
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.8"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause a system denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT210090",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210090"
},
{
"name": "https://support.apple.com/en-us/HT210091",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8588",
"datePublished": "2020-10-27T19:37:50",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:24:29.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7291 (GCVE-0-2019-7291)
Vulnerability from cvelistv5
Published
2020-10-27 19:24
Modified
2024-08-04 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An attacker in a privileged position may be able to perform a denial of service attack
Summary
A denial of service issue was addressed with improved memory handling. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. An attacker in a privileged position may be able to perform a denial of service attack.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | AirPort Base Station Firmware Update |
Version: unspecified < 7.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service issue was addressed with improved memory handling. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. An attacker in a privileged position may be able to perform a denial of service attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An attacker in a privileged position may be able to perform a denial of service attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T19:24:01",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-7291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.9"
}
]
}
},
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.8"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A denial of service issue was addressed with improved memory handling. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. An attacker in a privileged position may be able to perform a denial of service attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An attacker in a privileged position may be able to perform a denial of service attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT210090",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210090"
},
{
"name": "https://support.apple.com/en-us/HT210091",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-7291",
"datePublished": "2020-10-27T19:24:01",
"dateReserved": "2019-01-31T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8580 (GCVE-0-2019-8580)
Vulnerability from cvelistv5
Published
2020-10-27 19:34
Modified
2024-08-04 21:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Source-routed IPv4 packets may be unexpectedly accepted
Summary
Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | AirPort Base Station Firmware Update |
Version: unspecified < 7.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:27.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Source-routed IPv4 packets may be unexpectedly accepted",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T19:34:24",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.9"
}
]
}
},
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.8"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Source-routed IPv4 packets may be unexpectedly accepted"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT210090",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210090"
},
{
"name": "https://support.apple.com/en-us/HT210091",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8580",
"datePublished": "2020-10-27T19:34:24",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:24:27.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8578 (GCVE-0-2019-8578)
Vulnerability from cvelistv5
Published
2020-10-27 19:27
Modified
2024-08-04 21:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A remote attacker may be able to cause arbitrary code execution
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | AirPort Base Station Firmware Update |
Version: unspecified < 7.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T19:27:13",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.9"
}
]
}
},
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.8"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT210090",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210090"
},
{
"name": "https://support.apple.com/en-us/HT210091",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8578",
"datePublished": "2020-10-27T19:27:13",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:24:29.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8572 (GCVE-0-2019-8572)
Vulnerability from cvelistv5
Published
2020-10-27 19:26
Modified
2024-08-04 21:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A remote attacker may be able to cause arbitrary code execution
Summary
A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | AirPort Base Station Firmware Update |
Version: unspecified < 7.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:28.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "AirPort Base Station Firmware Update",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T19:26:45",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT210091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8572",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.9"
}
]
}
},
{
"product_name": "AirPort Base Station Firmware Update",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.8"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT210090",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210090"
},
{
"name": "https://support.apple.com/en-us/HT210091",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT210091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8572",
"datePublished": "2020-10-27T19:26:45",
"dateReserved": "2019-02-18T00:00:00",
"dateUpdated": "2024-08-04T21:24:28.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…