var-201908-0706
Vulnerability from variot
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. The vulnerability stems from the process of constructing command parameters from external input data. The network system or product does not properly filter the special characters in the parameters. An attacker could exploit the vulnerability to execute an illegal command. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in the IGMPv3 client component of Wind River VxWorks could allow unauthenticated, remote malicious user to access sensitive information on a targeted system.
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-0706",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "sonicos",
"version": "*"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.5.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.0.3"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.6.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.1.4"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.4.0."
},
{
"model": "vxworks",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "7.0"
},
{
"model": "hirschmann hios",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "07.5.01"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "5.9.0.0"
},
{
"model": "e-series santricity os controller",
"scope": "lte",
"trust": 1.0,
"vendor": "netapp",
"version": "8.40.50.00"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.0"
},
{
"model": "ruggedcom win7000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "bs5.2.461.17"
},
{
"model": "hirschmann hios",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "07.2.04"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.4"
},
{
"model": "hirschmann hios",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "05.3.06"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "5.9.1.0."
},
{
"model": "ruggedcom win7200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "bs5.2.461.17"
},
{
"model": "power meter 9810",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "garrettcom magnum dx940e",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "1.0.1_y7"
},
{
"model": "siprotec 5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.59"
},
{
"model": "sonicos",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.7"
},
{
"model": "vxworks",
"scope": "lt",
"trust": 1.0,
"vendor": "windriver",
"version": "6.9.4.12"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.0.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.2.3"
},
{
"model": "e-series santricity os controller",
"scope": "gte",
"trust": 1.0,
"vendor": "netapp",
"version": "8.00"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "5.9.1.12"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.9.0"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.1.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.9.2"
},
{
"model": "power meter 9410",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2.1"
},
{
"model": "sonicos",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.3.1"
},
{
"model": "sonicos",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.1"
},
{
"model": "ruggedcom win7018",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "bs5.2.461.17"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.4.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.3.3"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.0.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.5.3"
},
{
"model": "vxworks",
"scope": "gte",
"trust": 1.0,
"vendor": "windriver",
"version": "6.5"
},
{
"model": "ruggedcom win7025",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "bs5.2.461.17"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.4.3"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.2.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.6.1"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "5.9.0.7"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.3.0"
},
{
"model": "siprotec 5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.91"
},
{
"model": "hirschmann hios",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "07.0.07"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.4.3"
},
{
"model": "e-series santricity os controller",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "siprotec 5",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "sonicos",
"scope": null,
"trust": 0.8,
"vendor": "sonicwall",
"version": null
},
{
"model": "vxworks",
"scope": null,
"trust": 0.8,
"vendor": "\u30a6\u30a4\u30f3\u30c9\u30ea\u30d0\u30fc\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "siprotec 5",
"version": "*"
},
{
"model": "river systems wind river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.9"
},
{
"model": "river systems wind river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.8"
},
{
"model": "river systems wind river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.7"
},
{
"model": "river systems wind river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.9.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "6.9.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "e series santricity os controller",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sonicos",
"version": "6.2.7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sonicos",
"version": "6.2.7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sonicos",
"version": "6.2.7.7"
}
],
"sources": [
{
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"db": "NVD",
"id": "CVE-2019-12265"
}
]
},
"cve": "CVE-2019-12265",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-12265",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2019-25707",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-143994",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2019-12265",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2019-12265",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-12265",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-12265",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-25707",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-1489",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-143994",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-12265",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"db": "VULHUB",
"id": "VHN-143994"
},
{
"db": "VULMON",
"id": "CVE-2019-12265"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1489"
},
{
"db": "NVD",
"id": "CVE-2019-12265"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. The vulnerability stems from the process of constructing command parameters from external input data. The network system or product does not properly filter the special characters in the parameters. An attacker could exploit the vulnerability to execute an illegal command. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in the IGMPv3 client component of Wind River VxWorks could allow unauthenticated, remote malicious user to access sensitive information on a targeted system. \n\nProof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-12265"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"db": "VULHUB",
"id": "VHN-143994"
},
{
"db": "VULMON",
"id": "CVE-2019-12265"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-12265",
"trust": 4.2
},
{
"db": "SIEMENS",
"id": "SSA-352504",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-189842",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-632562",
"trust": 1.8
},
{
"db": "ICS CERT",
"id": "ICSA-19-274-01",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSA-19-211-01",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSMA-19-274-01",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1489",
"trust": 0.9
},
{
"db": "ICS CERT",
"id": "ICSA-23-320-10",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-25707",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92598492",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92467308",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.3695.5",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ASB-2019.0224",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3245",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2856",
"trust": 0.6
},
{
"db": "IVD",
"id": "14A30265-6509-41D2-8C7A-3A278582EA2A",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-143994",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-12265",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"db": "VULHUB",
"id": "VHN-143994"
},
{
"db": "VULMON",
"id": "CVE-2019-12265"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1489"
},
{
"db": "NVD",
"id": "CVE-2019-12265"
}
]
},
"id": "VAR-201908-0706",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"db": "VULHUB",
"id": "VHN-143994"
}
],
"trust": 1.4289024700000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"db": "CNVD",
"id": "CNVD-2019-25707"
}
]
},
"last_update_date": "2024-11-23T19:39:29.925000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Notices Siemens Siemens\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"title": "Patch for Wind River Systems VxWorks Parameter Injection Vulnerability (CNVD-2019-25707)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/172953"
},
{
"title": "Wind River Systems VxWorks Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95604"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=1f919286ef48798d96223ef4d2143337"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=2dd69ca01b84b80e09672fedb1c26f51"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=99fa839be73f2df819a67c27caa912f8"
},
{
"title": "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-19-222"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"db": "VULMON",
"id": "CVE-2019-12265"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1489"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-401",
"trust": 1.1
},
{
"problemtype": "resource management issues (CWE-399) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-399",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143994"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"db": "NVD",
"id": "CVE-2019-12265"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=cve-2019-12265"
},
{
"trust": 1.8,
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
},
{
"trust": 1.8,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k41190253"
},
{
"trust": 1.8,
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12265"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-274-01"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-274-01"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-211-01"
},
{
"trust": 0.9,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92467308/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92598492/index.html"
},
{
"trust": 0.6,
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf"
},
{
"trust": 0.6,
"url": "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks"
},
{
"trust": 0.6,
"url": "https://fortiguard.com/psirt/fg-ir-19-222"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3695.5/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2856/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0224/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3245/"
},
{
"trust": 0.1,
"url": "https://support2.windriver.com/index.php?page=cve\u0026amp;on=view\u0026amp;id=cve-2019-12265"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/401.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=60689"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"db": "VULHUB",
"id": "VHN-143994"
},
{
"db": "VULMON",
"id": "CVE-2019-12265"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1489"
},
{
"db": "NVD",
"id": "CVE-2019-12265"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"db": "VULHUB",
"id": "VHN-143994"
},
{
"db": "VULMON",
"id": "CVE-2019-12265"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1489"
},
{
"db": "NVD",
"id": "CVE-2019-12265"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-02T00:00:00",
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"date": "2019-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"date": "2019-08-09T00:00:00",
"db": "VULHUB",
"id": "VHN-143994"
},
{
"date": "2019-08-09T00:00:00",
"db": "VULMON",
"id": "CVE-2019-12265"
},
{
"date": "2019-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"date": "2019-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-1489"
},
{
"date": "2019-08-09T19:15:11.327000",
"db": "NVD",
"id": "CVE-2019-12265"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-25707"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-143994"
},
{
"date": "2022-08-12T00:00:00",
"db": "VULMON",
"id": "CVE-2019-12265"
},
{
"date": "2023-11-21T01:26:00",
"db": "JVNDB",
"id": "JVNDB-2019-007852"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-1489"
},
{
"date": "2024-11-21T04:22:31.523000",
"db": "NVD",
"id": "CVE-2019-12265"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-1489"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wind\u00a0River\u00a0VxWorks\u00a0 Vulnerabilities related to resource management in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007852"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Resource management error",
"sources": [
{
"db": "IVD",
"id": "14a30265-6509-41d2-8c7a-3a278582ea2a"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1489"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.