7.5

CVE-2019-18625

EPSS 0.25%
Published 06.01.2020 21:15:11
Last modified 21.11.2024 04:33:23
Source cve@mitre.org
Teams watchlist Login
Open Login

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST ACK and the FIN ACK packets because of the bad TCP Timestamp option. Both linux and windows client are ignoring the injected packets.

Affected products Warnungen 0 Metrics 3 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Oisf ≫ Suricata Version5.0.0 Update-

Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-

Debian ≫ Debian Linux Version8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.25%	0.487

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

https://lists.debian.org/debian-lts-announce/2020/01/msg00032.html

Third Party Advisory

Mailing List

https://github.com/OISF/suricata/commit/9f0294fadca3dcc18c919424242a41e01f3e8318

Patch

Third Party Advisory

https://github.com/OISF/suricata/commit/ea0659de7640cf6a51de5bbd1dbbb0414e4623a0

Patch

Third Party Advisory

https://redmine.openinfosecfoundation.org/issues/3286

Third Party Advisory

https://redmine.openinfosecfoundation.org/issues/3395

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-18625

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-18625

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-18625

EUVD