CVE-2019-12259

EPSS 9.76%
Veröffentlicht 09.08.2019 19:15:11
Zuletzt bearbeitet 21.11.2024 04:22:30
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Windriver ≫ Vxworks Version >= 6.5 < 6.9.4.12

Windriver ≫ Vxworks Version7.0 Update-

Sonicwall ≫ Sonicos Version >= 5.9.0.0 <= 5.9.0.7

Sonicwall ≫ Sonicos Version >= 5.9.1.0. <= 5.9.1.12

Sonicwall ≫ Sonicos Version >= 6.2.0.0 <= 6.2.3.1

Sonicwall ≫ Sonicos Version >= 6.2.4.0 <= 6.2.4.3

Sonicwall ≫ Sonicos Version >= 6.2.5.0 <= 6.2.5.3

Sonicwall ≫ Sonicos Version >= 6.2.6.0 <= 6.2.6.1

Sonicwall ≫ Sonicos Version >= 6.2.7.0 <= 6.2.7.4

Sonicwall ≫ Sonicos Version >= 6.2.9.0 <= 6.2.9.2

Sonicwall ≫ Sonicos Version >= 6.5.0.0 <= 6.5.0.3

Sonicwall ≫ Sonicos Version >= 6.5.1.0 <= 6.5.1.4

Sonicwall ≫ Sonicos Version >= 6.5.2.0 <= 6.5.2.3

Sonicwall ≫ Sonicos Version >= 6.5.3.0 <= 6.5.3.3

Sonicwall ≫ Sonicos Version >= 6.5.4.0. <= 6.5.4.3

Sonicwall ≫ Sonicos Version6.2.7.0

Sonicwall ≫ Sonicos Version6.2.7.1

Sonicwall ≫ Sonicos Version6.2.7.7

Siemens ≫ Siprotec 5 Firmware Version < 7.59

Siemens ≫ Siprotec 5 Version-

Siemens ≫ Siprotec 5 Firmware Version < 7.91

Siemens ≫ Siprotec 5 Version-

Siemens ≫ Siprotec 5 Firmware Version < 7.91

Siemens ≫ Siprotec 5 Version-

Siemens ≫ Ruggedcom Win7000 Firmware Version < bs5.2.461.17

Siemens ≫ Ruggedcom Win7000 Version-

Siemens ≫ Ruggedcom Win7200 Firmware Version < bs5.2.461.17

Siemens ≫ Ruggedcom Win7200 Version-

Siemens ≫ Ruggedcom Win7025 Firmware Version < bs5.2.461.17

Siemens ≫ Ruggedcom Win7025 Version-

Siemens ≫ Ruggedcom Win7018 Firmware Version < bs5.2.461.17

Siemens ≫ Ruggedcom Win7018 Version-

Siemens ≫ Ruggedcom Win7200 Firmware Version < bs5.2.461.17

Siemens ≫ Ruggedcom Win7200 Version-

Siemens ≫ 9410 Power Meter Firmware Version < 2.2.1

Siemens ≫ 9410 Power Meter Version-

Siemens ≫ 9810 Power Meter Firmware Version < 2.2.1

Siemens ≫ 9810 Power Meter Version-

Belden ≫ Hirschmann Hios Version <= 07.0.07

Belden ≫ Hirschmann Hios Version <= 07.5.01

Belden ≫ Hirschmann Msp40 Version-
Belden ≫ Hirschmann Octopus Os3 Version-

Belden ≫ Hirschmann Hios Version <= 07.2.04

Belden ≫ Hirschmann Dragon Mach4000 Version-
Belden ≫ Hirschmann Dragon Mach4500 Version-

Belden ≫ Hirschmann Hios Version <= 05.3.06

   Belden ≫ Hirschmann Eagle One Version-
   Belden ≫ Hirschmann Eagle20 Version-
   Belden ≫ Hirschmann Eagle30 Version-

Belden ≫ Garrettcom Magnum Dx940e Firmware Version <= 1.0.1_y7

Belden ≫ Garrettcom Magnum Dx940e Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	9.76%	0.927

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://support2.windriver.com/index.php?page=security-notices

Vendor Advisory

Issue Tracking

https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf

Third Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf

Third Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf

Third Party Advisory

https://support.f5.com/csp/article/K41190253

Third Party Advisory

https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/

Vendor Advisory

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009

Third Party Advisory

https://security.netapp.com/advisory/ntap-20190802-0001/

Third Party Advisory

https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12259

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-12259

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-12259

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-12259

EUVD