VAR-201908-0715
Vulnerability from variot - Updated: 2024-11-23 20:18Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on a targeted system. A successful exploit could allow the malicious user to cause a DoS condition on the targeted system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-0715",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 2.4,
"vendor": "sonicos",
"version": "*"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.5.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.0.3"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.6.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.1.4"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.4.0."
},
{
"model": "vxworks",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "7.0"
},
{
"model": "hirschmann hios",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "07.5.01"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "5.9.0.0"
},
{
"model": "e-series santricity os controller",
"scope": "lte",
"trust": 1.0,
"vendor": "netapp",
"version": "8.40.50.00"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.0"
},
{
"model": "ruggedcom win7000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "bs5.2.461.17"
},
{
"model": "hirschmann hios",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "07.2.04"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.4"
},
{
"model": "hirschmann hios",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "05.3.06"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "5.9.1.0."
},
{
"model": "ruggedcom win7200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "bs5.2.461.17"
},
{
"model": "power meter 9810",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "garrettcom magnum dx940e",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "1.0.1_y7"
},
{
"model": "siprotec 5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.59"
},
{
"model": "sonicos",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.7"
},
{
"model": "vxworks",
"scope": "lt",
"trust": 1.0,
"vendor": "windriver",
"version": "6.9.4.12"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.0.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.2.3"
},
{
"model": "e-series santricity os controller",
"scope": "gte",
"trust": 1.0,
"vendor": "netapp",
"version": "8.00"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "5.9.1.12"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.9.0"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.1.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.9.2"
},
{
"model": "power meter 9410",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2.1"
},
{
"model": "sonicos",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.3.1"
},
{
"model": "sonicos",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.7.1"
},
{
"model": "ruggedcom win7018",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "bs5.2.461.17"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.4.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.3.3"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.0.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.5.3"
},
{
"model": "vxworks",
"scope": "gte",
"trust": 1.0,
"vendor": "windriver",
"version": "6.5"
},
{
"model": "ruggedcom win7025",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "bs5.2.461.17"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.4.3"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.2.0"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.2.6.1"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "5.9.0.7"
},
{
"model": "sonicos",
"scope": "gte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.3.0"
},
{
"model": "siprotec 5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.91"
},
{
"model": "hirschmann hios",
"scope": "lte",
"trust": 1.0,
"vendor": "belden",
"version": "07.0.07"
},
{
"model": "sonicos",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.5.4.3"
},
{
"model": "e-series santricity os controller",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "siprotec 5",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "sonicos",
"scope": null,
"trust": 0.8,
"vendor": "sonicwall",
"version": null
},
{
"model": "vxworks",
"scope": null,
"trust": 0.8,
"vendor": "\u30a6\u30a4\u30f3\u30c9\u30ea\u30d0\u30fc\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "river systems wind river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.9"
},
{
"model": "river systems wind river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.8"
},
{
"model": "river systems wind river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.7"
},
{
"model": "river systems wind river systems vxworks",
"scope": "eq",
"trust": 0.6,
"vendor": "wind",
"version": "6.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "siprotec 5",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vxworks",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "e series santricity os controller",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sonicos",
"version": "6.2.7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sonicos",
"version": "6.2.7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sonicos",
"version": "6.2.7.7"
}
],
"sources": [
{
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"db": "NVD",
"id": "CVE-2019-12258"
}
]
},
"cve": "CVE-2019-12258",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-12258",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-25703",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-143986",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-12258",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-12258",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-12258",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-12258",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-25703",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-1495",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-143986",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-12258",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"db": "VULHUB",
"id": "VHN-143986"
},
{
"db": "VULMON",
"id": "CVE-2019-12258"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1495"
},
{
"db": "NVD",
"id": "CVE-2019-12258"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options. Wind River Systems VxWorks is an embedded real-time operating system (RTOS) from Wind River Systems. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. The following products and versions are affected: Wind River Systems VxWorks Version 7, Version 6.9, Version 6.8, Version 6.7, Version 6.6. A vulnerability in Wind River VxWorks could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on a targeted system. A successful exploit could allow the malicious user to cause a DoS condition on the targeted system",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-12258"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"db": "VULHUB",
"id": "VHN-143986"
},
{
"db": "VULMON",
"id": "CVE-2019-12258"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-12258",
"trust": 4.2
},
{
"db": "SIEMENS",
"id": "SSA-352504",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-189842",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-632562",
"trust": 1.8
},
{
"db": "ICS CERT",
"id": "ICSA-19-274-01",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSA-19-211-01",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSMA-19-274-01",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1495",
"trust": 0.9
},
{
"db": "ICS CERT",
"id": "ICSA-23-320-10",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-25703",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92598492",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92467308",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.3695.5",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ASB-2019.0224",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3245",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2856",
"trust": 0.6
},
{
"db": "IVD",
"id": "447D6A09-30FB-4736-BAC8-9C0272F13A81",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-143986",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-12258",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"db": "VULHUB",
"id": "VHN-143986"
},
{
"db": "VULMON",
"id": "CVE-2019-12258"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1495"
},
{
"db": "NVD",
"id": "CVE-2019-12258"
}
]
},
"id": "VAR-201908-0715",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"db": "VULHUB",
"id": "VHN-143986"
}
],
"trust": 1.4289024700000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"db": "CNVD",
"id": "CNVD-2019-25703"
}
]
},
"last_update_date": "2024-11-23T20:18:52.197000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Notices Siemens Siemens\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"title": "Wind River Systems VxWorks Parameter Denial of Service Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/172949"
},
{
"title": "Wind River Systems VxWorks Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95610"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/07/29/wind_river_patches_vxworks/"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=1f919286ef48798d96223ef4d2143337"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=2dd69ca01b84b80e09672fedb1c26f51"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=99fa839be73f2df819a67c27caa912f8"
},
{
"title": "Fortinet Security Advisories: Wind River VxWorks IPnet TCP/IP Stack Vulnerabilities (aka. URGENT/11)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-19-222"
},
{
"title": "urgent11-detector",
"trust": 0.1,
"url": "https://github.com/ArmisSecurity/urgent11-detector "
},
{
"title": "Urgent11-Suricata-LUA-scripts",
"trust": 0.1,
"url": "https://github.com/sud0woodo/Urgent11-Suricata-LUA-scripts "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"db": "VULMON",
"id": "CVE-2019-12258"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1495"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-384",
"trust": 1.1
},
{
"problemtype": "Session immobilization (CWE-384) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143986"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"db": "NVD",
"id": "CVE-2019-12258"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12258"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
},
{
"trust": 1.8,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2019-0009"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
},
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k41190253"
},
{
"trust": 1.8,
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
},
{
"trust": 1.8,
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"trust": 1.7,
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=cve-2019-12258"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-274-01"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-274-01"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-211-01"
},
{
"trust": 0.9,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-10"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92467308/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92598492/"
},
{
"trust": 0.6,
"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/security-advisory-ipnet.pdf"
},
{
"trust": 0.6,
"url": "https://www.tenable.com/blog/critical-vulnerabilities-dubbed-urgent11-place-devices-running-vxworks-at-risk-of-rce-attacks"
},
{
"trust": 0.6,
"url": "https://fortiguard.com/psirt/fg-ir-19-222"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3695.5/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2856/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/wind-river-vxworks-multiple-vulnerabilities-via-ipnet-29905"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/asb-2019.0224/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3245/"
},
{
"trust": 0.1,
"url": "https://support2.windriver.com/index.php?page=cve\u0026amp;on=view\u0026amp;id=cve-2019-12258"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/384.html"
},
{
"trust": 0.1,
"url": "https://github.com/armissecurity/urgent11-detector"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=60685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"db": "VULHUB",
"id": "VHN-143986"
},
{
"db": "VULMON",
"id": "CVE-2019-12258"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1495"
},
{
"db": "NVD",
"id": "CVE-2019-12258"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"db": "VULHUB",
"id": "VHN-143986"
},
{
"db": "VULMON",
"id": "CVE-2019-12258"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-1495"
},
{
"db": "NVD",
"id": "CVE-2019-12258"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-02T00:00:00",
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"date": "2019-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"date": "2019-08-09T00:00:00",
"db": "VULHUB",
"id": "VHN-143986"
},
{
"date": "2019-08-09T00:00:00",
"db": "VULMON",
"id": "CVE-2019-12258"
},
{
"date": "2019-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"date": "2019-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-1495"
},
{
"date": "2019-08-09T20:15:11.410000",
"db": "NVD",
"id": "CVE-2019-12258"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-25703"
},
{
"date": "2019-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-143986"
},
{
"date": "2022-08-12T00:00:00",
"db": "VULMON",
"id": "CVE-2019-12258"
},
{
"date": "2023-11-21T01:13:00",
"db": "JVNDB",
"id": "JVNDB-2019-007842"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-1495"
},
{
"date": "2024-11-21T04:22:30.200000",
"db": "NVD",
"id": "CVE-2019-12258"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-1495"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wind River Systems VxWorks Parameter Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "447d6a09-30fb-4736-bac8-9c0272f13a81"
},
{
"db": "CNVD",
"id": "CNVD-2019-25703"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-1495"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…