5.3
CVE-2019-12265
- EPSS 55.27%
- Veröffentlicht 09.08.2019 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:22:31
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Siprotec 5 Firmware Version < 7.91
Siemens ≫ Siprotec 5 Firmware Version < 7.59
Siemens ≫ Siprotec 5 Firmware Version < 7.91
Netapp ≫ E-series Santricity Os Controller Version >= 8.00 <= 8.40.50.00
Siemens ≫ Power Meter 9410 Firmware Version < 2.2.1
Siemens ≫ Ruggedcom Win7000 Firmware Version < bs5.2.461.17
Siemens ≫ Ruggedcom Win7018 Firmware Version < bs5.2.461.17
Siemens ≫ Ruggedcom Win7025 Firmware Version < bs5.2.461.17
Siemens ≫ Ruggedcom Win7200 Firmware Version < bs5.2.461.17
Belden ≫ Hirschmann Hios Version <= 07.0.07
Belden ≫ Hirschmann Ees20 Version-
Belden ≫ Hirschmann Ees25 Version-
Belden ≫ Hirschmann Eesx20 Version-
Belden ≫ Hirschmann Eesx30 Version-
Belden ≫ Hirschmann Grs1020 Version-
Belden ≫ Hirschmann Grs1030 Version-
Belden ≫ Hirschmann Grs1042 Version-
Belden ≫ Hirschmann Grs1120 Version-
Belden ≫ Hirschmann Grs1130 Version-
Belden ≫ Hirschmann Grs1142 Version-
Belden ≫ Hirschmann Msp30 Version-
Belden ≫ Hirschmann Msp32 Version-
Belden ≫ Hirschmann Rail Switch Power Lite Version-
Belden ≫ Hirschmann Rail Switch Power Smart Version-
Belden ≫ Hirschmann Red25 Version-
Belden ≫ Hirschmann Rsp20 Version-
Belden ≫ Hirschmann Rsp25 Version-
Belden ≫ Hirschmann Rsp30 Version-
Belden ≫ Hirschmann Rsp35 Version-
Belden ≫ Hirschmann Rspe30 Version-
Belden ≫ Hirschmann Rspe32 Version-
Belden ≫ Hirschmann Rspe35 Version-
Belden ≫ Hirschmann Rspe37 Version-
Belden ≫ Hirschmann Ees25 Version-
Belden ≫ Hirschmann Eesx20 Version-
Belden ≫ Hirschmann Eesx30 Version-
Belden ≫ Hirschmann Grs1020 Version-
Belden ≫ Hirschmann Grs1030 Version-
Belden ≫ Hirschmann Grs1042 Version-
Belden ≫ Hirschmann Grs1120 Version-
Belden ≫ Hirschmann Grs1130 Version-
Belden ≫ Hirschmann Grs1142 Version-
Belden ≫ Hirschmann Msp30 Version-
Belden ≫ Hirschmann Msp32 Version-
Belden ≫ Hirschmann Rail Switch Power Lite Version-
Belden ≫ Hirschmann Rail Switch Power Smart Version-
Belden ≫ Hirschmann Red25 Version-
Belden ≫ Hirschmann Rsp20 Version-
Belden ≫ Hirschmann Rsp25 Version-
Belden ≫ Hirschmann Rsp30 Version-
Belden ≫ Hirschmann Rsp35 Version-
Belden ≫ Hirschmann Rspe30 Version-
Belden ≫ Hirschmann Rspe32 Version-
Belden ≫ Hirschmann Rspe35 Version-
Belden ≫ Hirschmann Rspe37 Version-
Belden ≫ Hirschmann Hios Version <= 07.5.01
Belden ≫ Hirschmann Hios Version <= 07.2.04
Belden ≫ Hirschmann Hios Version <= 05.3.06
Belden ≫ Hirschmann Eagle One Version-
Belden ≫ Hirschmann Eagle20 Version-
Belden ≫ Hirschmann Eagle30 Version-
Belden ≫ Hirschmann Eagle20 Version-
Belden ≫ Hirschmann Eagle30 Version-
Belden ≫ Garrettcom Magnum Dx940e Firmware Version <= 1.0.1_y7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 55.27% | 0.989 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://support2.windriver.com/index.php?page=security-notices
https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
https://support.f5.com/csp/article/K41190253
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009
https://security.netapp.com/advisory/ntap-20190802-0001/
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265