[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2019-12264Date: (C)2019-08-07   (M)2023-12-22


Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.1CVSS Score : 4.8
Exploit Score: 2.8Exploit Score: 6.5
Impact Score: 4.2Impact Score: 4.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: ADJACENT_NETWORKAccess Vector: ADJACENT_NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: NONEAvailability: PARTIAL
Integrity: LOW 
Availability: HIGH 
  
Reference:
https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
https://support.f5.com/csp/article/K41190253
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/

CPE    6
cpe:/o:windriver:vxworks:6.8
cpe:/h:siemens:ruggedcom_win7200:-
cpe:/h:belden:hirschmann_rail_switch_power_lite:-
cpe:/o:windriver:vxworks:6.6
...
CWE    1
CWE-88

© SecPod Technologies