CV Scoring Scale (CVSS)
0-1 1-2 2-3 3-4 4-5 5-6 6-7 7-8 8-9 9-10
Vulnerability Type(s): CSRF- Cross Site Request Forgery; Dir. Trav.- Directory Traversal; +Info- Gain Information; DoS- Denial of Service; XSS- Cross Site Scripting; Sql- SQL Injection; N/A- Not Applicable.
National Critical Information Infrastructure Protection Centre
Common Vulnerabilities and Exposures(CVE) Report
01 - 15 May 2019 Vol. 06 No. 09
Vulnerability Type(s) | Publish Date | CVSS | Description & CVE ID | Patch | NCIIPC ID
Application
Alkacon
opencms
Vulnerability Type(s): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Publish Date: 08-05-2019
CVSS: 4.3
Description: Alkacon OpenCMS v10.5.4 and before is affected by stored cross site scripting (XSS) in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp). This allows an attacker to insert arbitrary JavaScript as user input (First Name or Last Name), which will be executed whenever the affected snippet is loaded.
CVE ID: CVE-2019-11818
Patch: N/A
NCIIPC ID: A-ALK-OPEN-200519/1
Vulnerability Type(s): Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Publish Date: 08-05-2019
CVSS: 6.8
Description: Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro) Injection in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp) via the First Name or Last Name.
CVE ID: CVE-2019-11819
Patch: N/A
NCIIPC ID: A-ALK-OPEN-200519/2
anomali
agave
Vulnerability Type(s): N/A
Publish Date: 01-05-2019
CVSS: 5
Description: Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system.
CVE ID: CVE-2019-11641
Patch: N/A
NCIIPC ID: A-ANO-AGAV-200519/3
Apache
karaf
Vulnerability Type(s): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Publish Date: 09-05-2019
CVSS: 5.5
Description: Apache Karaf Config service provides an install method (via service or MBean) that could be used to travel in any directory and overwrite an existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before 4.2.5 is impacted. Users should upgrade to Apache Karaf 4.2.5 or later.
CVE ID: CVE-2019-0226
Patch: N/A
NCIIPC ID: A-APA-KARA-200519/4
axis
Vulnerability Type(s): Server-Side Request Forgery (SSRF)
Publish Date: 01-05-2019
CVSS: 5.4
Description: A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits continue in the project's Axis 1.x Subversion repository; legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2; the latest version is 1.7.9 and is not vulnerable to this issue.
CVE ID: CVE-2019-0227
Patch: N/A
NCIIPC ID: A-APA-AXIS-200519/5
Atlassian
jira
Vulnerability Type(s): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Publish Date: 03-05-2019
CVSS: 4.3
Description: The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jql parameter.
CVE ID: CVE-2019-3400
Patch: N/A
NCIIPC ID: A-ATL-JIRA-200519/6
axios
axios
Vulnerability Type(s): Improper Input Validation
Publish Date: 07-05-2019
CVSS: 5
Description: Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accept content after maxContentLength is exceeded.
CVE ID: CVE-2019-10742
Patch: N/A
NCIIPC ID: A-AXI-AXIO-200519/7
Cakefoundation
cakephp
Vulnerability Type(s): Improper Input Validation
Publish Date: 08-05-2019
CVSS: 6.4
Description: An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction.
CVE ID: CVE-2019-11458
Patch: N/A
NCIIPC ID: A-CAK-CAKE-200519/8
Cisco
adaptive_security_appliance_software
Vulnerability Type(s): Improper Input Validation
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition.
CVE ID: CVE-2019-1687
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/9
Vulnerability Type(s): N/A
Publish Date: 03-05-2019
CVSS: 6.8
Description: A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition.
CVE ID: CVE-2019-1693
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/10
Vulnerability Type(s): N/A
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots.
CVE ID: CVE-2019-1694
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/11
Vulnerability Type(s): Improper Access Control
Publish Date: 03-05-2019
CVSS: 6.1
Description: A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.
CVE ID: CVE-2019-1695
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/12
Vulnerability Type(s): Improper Input Validation
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
CVE ID: CVE-2019-1697
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/13
Vulnerability Type(s): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Publish Date: 03-05-2019
CVSS: 3.5
Description: Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities.
CVE ID: CVE-2019-1701
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/14
Vulnerability Type(s): Improper Resource Shutdown or Release
Publish Date: 03-05-2019
CVSS: 4.3
Description: A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. The vulnerability is due to an issue with the remote access VPN session manager. An attacker could exploit this vulnerability by requesting an excessive number of remote access VPN sessions. An exploit could allow the attacker to cause a DoS condition.
CVE ID: CVE-2019-1705
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/15
Vulnerability Type(s): Improper Resource Shutdown or Release
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error with how the software cryptography module handles IPsec sessions. An attacker could exploit this vulnerability by creating and sending traffic in a high number of IPsec sessions through the targeted device. A successful exploit could cause the device to reload and result in a DoS condition.
CVE ID: CVE-2019-1706
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/16
Vulnerability Type(s): Improper Resource Shutdown or Release
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses.
CVE ID: CVE-2019-1708
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/17
Vulnerability Type(s): Cross-Site Request Forgery (CSRF)
Publish Date: 03-05-2019
CVSS: 9.3
Description: A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. If the user has administrative privileges, the attacker could alter the configuration of, extract information from, or reload an affected device.
CVE ID: CVE-2019-1713
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/18
Vulnerability Type(s): N/A
Publish Date: 03-05-2019
CVSS: 5
Description: A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. The vulnerability is due to improper credential management when using NT LAN Manager (NTLM) or basic authentication. An attacker could exploit this vulnerability by opening a VPN session to an affected device after another VPN user has successfully authenticated to the affected device via SAML SSO. A successful exploit could allow the attacker to connect to secured networks behind the affected device.
CVE ID: CVE-2019-1714
Patch: N/A
NCIIPC ID: A-CIS-ADAP-200519/19
network_registrar
Vulnerability Type(s): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Publish Date: 03-05-2019
CVSS: 4.3
Description: A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
CVE ID: CVE-2019-1852
Patch: N/A
NCIIPC ID: A-CIS-NETW-200519/20
umbrella
Vulnerability Type(s): Session Fixation
Publish Date: 03-05-2019
CVSS: 6.8
Description: A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an authenticated, remote attacker to access the Dashboard via an active user session. The vulnerability exists due to the affected application not invalidating an existing session when a user authenticates to the application and changes the user's credentials via another authenticated session. An attacker could exploit this vulnerability by using a separate, authenticated, active session to connect to the application through the web UI. A successful exploit could allow the attacker to maintain access to the dashboard via an authenticated user's browser session. Cisco has addressed this vulnerability in the Cisco Umbrella Dashboard. No user action is required.
CVE ID: CVE-2019-1807
Patch: N/A
NCIIPC ID: A-CIS-UMBR-200519/21
email_security_appliance
Vulnerability Type(s): Improper Input Validation
Publish Date: 03-05-2019
CVSS: 5
Description: A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected device. The vulnerability is due to improper detection of certain content sent to an affected device. An attacker could exploit this vulnerability by sending certain file types without Content-Disposition information to an affected device. A successful exploit could allow an attacker to send messages that contain malicious content to users.
CVE ID: CVE-2019-1844
Patch: N/A
NCIIPC ID: A-CIS-EMAI-200519/22
firepower_management_center
Vulnerability Type(s): Uncontrolled Resource Consumption
Publish Date: 03-05-2019
CVSS: 3.3
Description: Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
CVE ID: CVE-2019-1696
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/23
Vulnerability Type(s): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Publish Date: 03-05-2019
CVSS: 7.2
Description: A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.
CVE ID: CVE-2019-1699
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/24
Vulnerability Type(s): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Publish Date: 03-05-2019
CVSS: 7.2
Description: A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.
CVE ID: CVE-2019-1709
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/25
prime_collaboration_assurance
Vulnerability Type(s): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Publish Date: 03-05-2019
CVSS: 4.3
Description: A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to the insufficient validation of data supplied by external devices to the web-based management interface of an affected PCA device. An attacker in control of devices integrated with an affected PCA device could exploit this vulnerability by using crafted data in certain fields of the controlled devices. A successful exploit could allow the attacker to execute arbitrary script code in the context of the PCA web-based management interface or allow the attacker to access sensitive browser-based information.
CVE ID: CVE-2019-1856
Patch: N/A
NCIIPC ID: A-CIS-PRIM-200519/26
firepower_threat_defense
Vulnerability Type(s): Improper Input Validation
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition.
CVE ID: CVE-2019-1687
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/27
Vulnerability Type(s): N/A
Publish Date: 03-05-2019
CVSS: 6.8
Description: A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a temporary DoS condition.
CVE ID: CVE-2019-1693
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/28
Vulnerability Type(s): N/A
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots.
CVE ID: CVE-2019-1694
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/29
Vulnerability Type(s): Improper Access Control
Publish Date: 03-05-2019
CVSS: 6.1
Description: A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.
CVE ID: CVE-2019-1695
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/30
Vulnerability Type(s): Uncontrolled Resource Consumption
Publish Date: 03-05-2019
CVSS: 3.3
Description: Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
CVE ID: CVE-2019-1696
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/31
Vulnerability Type(s): Improper Input Validation
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
CVE ID: CVE-2019-1697
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/32
Vulnerability Type(s): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Publish Date: 03-05-2019
CVSS: 3.5
Description: Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities.
CVE ID: CVE-2019-1701
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/33
Vulnerability Type(s): Uncontrolled Resource Consumption
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually.
CVE ID: CVE-2019-1703
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/34
Vulnerability Type(s): Uncontrolled Resource Consumption
Publish Date: 03-05-2019
CVSS: 5
Description: Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
CVE ID: CVE-2019-1704
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/35
Vulnerability Type(s): Improper Resource Shutdown or Release
Publish Date: 03-05-2019
CVSS: 7.8
Description: A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses.
CVE ID: CVE-2019-1708
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/36
Vulnerability Type(s): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Publish Date: 03-05-2019
CVSS: 7.2
Description: A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges.
CVE ID: CVE-2019-1709
Patch: N/A
NCIIPC ID: A-CIS-FIRE-200519/37
N/A 03-05-2019 5
A vulnerability in the
implementation of Security
Assertion Markup Language
(SAML) 2.0 Single Sign-On
(SSO) for Clientless SSL VPN
(WebVPN) and AnyConnect
Remote Access VPN in Cisco
Adaptive Security Appliance
(ASA) Software and Cisco
Firepower Threat Defense
(FTD) Software could allow an
unauthenticated, remote
attacker to successfully
establish a VPN session to an
affected device. The
vulnerability is due to
improper credential
management when using NT
LAN Manager (NTLM) or basic
authentication. An attacker
could exploit this vulnerability
by opening a VPN session to an
affected device after another
VPN user has successfully
authenticated to the affected
device via SAML SSO. A
successful exploit could allow
the attacker to connect to
secured networks behind the
affected device.
CVE ID : CVE-2019-1714
N/A A-CIS-FIRE-
200519/38
Insufficient
Entropy in
PRNG
03-05-2019 5
A vulnerability in the
Deterministic Random Bit
Generator (DRBG), also known
as Pseudorandom Number
Generator (PRNG), used in
Cisco Adaptive Security
Appliance (ASA) Software and
Cisco Firepower Threat
Defense (FTD) Software could
allow an unauthenticated,
remote attacker to cause a
cryptographic collision,
enabling the attacker to
discover the private key of an
affected device. The
vulnerability is due to
insufficient entropy in the
DRBG when generating
cryptographic keys. An
attacker could exploit this
vulnerability by generating a
large number of cryptographic
keys on an affected device and
looking for collisions with
target devices. A successful
exploit could allow the
attacker to impersonate an
affected target device or to
decrypt traffic secured by an
affected key that is sent to or
from an affected target device.
CVE ID : CVE-2019-1715
N/A A-CIS-FIRE-
200519/39
web_security_appliance
Improper
Input
Validation
03-05-2019 7.2
A vulnerability in the log
subscription subsystem of the
Cisco Web Security Appliance
(WSA) could allow an
authenticated, local attacker to
perform command injection
and elevate privileges to root.
The vulnerability is due to
insufficient validation of user-
supplied input on the web and
command-line interface. An
attacker could exploit this
vulnerability by authenticating
to the affected device and
injecting scripting commands
in the scope of the log
subscription subsystem. A
successful exploit could allow
the attacker to execute
arbitrary commands on the
underlying operating system
and elevate privileges to root.
CVE ID : CVE-2019-1816
N/A A-CIS-WEB_-
200519/40
Improper
Input
Validation
03-05-2019 5
A vulnerability in the web
proxy functionality of Cisco
AsyncOS Software for Cisco
Web Security Appliance could
allow an unauthenticated,
remote attacker to cause a
denial of service (DoS)
condition on an affected
device. The vulnerability is due
to improper validation of
HTTP and HTTPS requests. An
attacker could exploit this
vulnerability by sending a
malformed HTTP or HTTPS
request to an affected device.
An exploit could allow the
attacker to cause a restart of
the web proxy process,
resulting in a temporary DoS
condition.
CVE ID : CVE-2019-1817
N/A A-CIS-WEB_-
200519/41
telepresence_video_communication_server
Improper
Limitation of
a Pathname
to a
Restricted
Directory
('Path
Traversal')
03-05-2019 4
A vulnerability in the
management web interface of
Cisco Expressway Series could
allow an authenticated, remote
attacker to perform a directory
traversal attack against an
affected device. The
vulnerability is due to
insufficient input validation on
the web interface. An attacker
could exploit this vulnerability
by sending a crafted HTTP
request to the web interface. A
successful exploit could allow
the attacker to bypass security
restrictions and access the
web interface of a Cisco
Unified Communications
Manager associated with the
affected device. Valid
credentials would still be
required to access the Cisco
Unified Communications
Manager interface.
CVE ID : CVE-2019-1854
N/A A-CIS-TELE-
200519/42
application_policy_infrastructure_controller
N/A 03-05-2019 2.1
A vulnerability in Cisco
Application Policy
Infrastructure Controller
(APIC) Software could allow
an unauthenticated, local
attacker with physical access
to obtain sensitive information
from an affected device. The
vulnerability is due to insecure
removal of cleartext
encryption keys stored on
local partitions in the hard
drive of an affected device. An
attacker could exploit this
vulnerability by retrieving
data from the physical disk on
the affected partition(s). A
successful exploit could allow
the attacker to retrieve
encryption keys, possibly
allowing the attacker to
further decrypt other data and
sensitive information on the
device, which could lead to the
disclosure of confidential
information.
CVE ID : CVE-2019-1586
N/A A-CIS-APPL-
200519/43
N/A 03-05-2019 7.2
A vulnerability in the FUSE
filesystem functionality for
Cisco Application Policy
Infrastructure Controller
(APIC) software could allow an
authenticated, local attacker to
escalate privileges to root on
an affected device. The
vulnerability is due to
insufficient input validation
for certain command strings
issued on the CLI of the
affected device. An attacker
with write permissions for
files within a readable folder
on the device could alter
certain definitions in the
affected file. A successful
exploit could allow an attacker
to cause the underlying FUSE
driver to execute said crafted
commands, elevating the
attacker's privileges to root on
an affected device.
CVE ID : CVE-2019-1682
N/A A-CIS-APPL-
200519/44
Information
Exposure 03-05-2019 5
A vulnerability in the web-
based management interface
of Cisco Application Policy
Infrastructure Controller
(APIC) Software could allow
an unauthenticated, remote
attacker to access sensitive
system usage information. The
vulnerability is due to a lack of
proper data protection
mechanisms for certain
components in the underlying
Application Centric
Infrastructure (ACI). An
attacker could exploit this
vulnerability by attempting to
observe certain network traffic
when accessing the APIC. A
successful exploit could allow
the attacker to access and
collect certain tracking data
and usage statistics on an
affected device.
CVE ID : CVE-2019-1692
N/A A-CIS-APPL-
200519/45
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
03-05-2019 3.5
A vulnerability in the web-
based management interface
of Cisco Application Policy
Infrastructure Controller
(APIC) could allow an
authenticated, remote attacker
to conduct a cross-site
scripting (XSS) attack against a
user of the web-based
management interface of an
affected device. The
vulnerability is due to
insufficient validation of user-
supplied input by the web-
based management interface.
An attacker could exploit this
vulnerability by persuading a
user of the interface to click a
crafted link. A successful
exploit could allow the
attacker to execute arbitrary
script code in the context of
the affected interface or access
sensitive, browser-based
information. This vulnerability
has been fixed in software
version 14.1(1i).
CVE ID : CVE-2019-1838
N/A A-CIS-APPL-
200519/46
Citrix
sharefile
Information
Exposure 13-05-2019 5
Citrix ShareFile through 19.1
allows User Enumeration. It is
possible to enumerate
application username based
on different server responses
using the request to check the
otp code. No authentication is
required.
CVE ID : CVE-2019-7217
N/A A-CIT-SHAR-
200519/47
Improper
Authentication
13-05-2019 4.3
Citrix ShareFile through 19.1
allows a downgrade from two-
factor authentication to one-
factor authentication. An
attacker with access to the
offline victim's otp physical
token or virtual app (like
google authenticator) is able to
bypass the first authentication
phase (username/password
mechanism) and log-in using
username/otp combination
only (phase 2 of 2FA).
CVE ID : CVE-2019-7218
N/A A-CIT-SHAR-
200519/48
cjson_project
cjson
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
09-05-2019 7.5
cJSON before 1.7.11 allows
out-of-bounds access, related
to \x00 in a string literal.
CVE ID : CVE-2019-11834
N/A A-CJS-CJSO-
200519/49
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
09-05-2019 7.5
cJSON before 1.7.11 allows
out-of-bounds access, related
to multiline comments.
CVE ID : CVE-2019-11835
N/A A-CJS-CJSO-
200519/50
cyberark
enterprise_password_vault
Improper
Restriction
of XML
External
Entity
Reference
('XXE')
08-05-2019 7.5
An XML external entity (XXE)
vulnerability in the Password
Vault Web Access (PVWA) of
CyberArk Enterprise Password
Vault <=10.7 allows remote
attackers to read arbitrary
files or potentially bypass
authentication via a crafted
DTD in the SAML
authentication system.
CVE ID : CVE-2019-7442
N/A
A-CYB-
ENTE-
200519/51
denx
u-boot
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
10-05-2019 7.5
Das U-Boot 2016.11-rc1
through 2019.04 mishandles
the ext4 64-bit extension,
resulting in a buffer overflow.
CVE ID : CVE-2019-11059
N/A
A-DEN-U-
BO-
200519/52
Use of
Insufficiently
Random
Values
03-05-2019 4.3
gen_rand_uuid in lib/uuid.c in
Das U-Boot v2014.04 through
v2019.04 lacks an srand call,
which allows attackers to
determine UUID values in
scenarios where
CONFIG_RANDOM_UUID is
enabled, and Das U-Boot is
relied upon for UUID values of
a GUID Partition Table of a
boot device.
CVE ID : CVE-2019-11690
N/A
A-DEN-U-
BO-
200519/53
dhcpcd_project
dhcpcd
Out-of-
bounds Read 05-05-2019 7.5
dhcp6.c in dhcpcd before
6.11.7 and 7.x before 7.2.2 has
a buffer over-read in the
D6_OPTION_PD_EXCLUDE
feature.
CVE ID : CVE-2019-11766
N/A
A-DHC-
DHCP-
200519/54
dkpro-core_project
dkpro-core
Improper
Limitation of
a Pathname
to a
Restricted
Directory
('Path
Traversal')
10-05-2019 6.4
core/api/datasets/internal/actions/Explode.java in the
Dataset API in DKPro Core
through 1.10.0 allows
Directory Traversal, resulting
in the overwrite of local files
with the contents of an
archive.
CVE ID : CVE-2019-11082
N/A
A-DKP-
DKPR-
200519/55
Dovecot
dovecot
Improper
Input
Validation
08-05-2019 5
In the IMAP Server in Dovecot
2.3.3 through 2.3.5.2, the
submission-login service
crashes when the client
disconnects prematurely
during the AUTH command.
CVE ID : CVE-2019-11494
N/A
A-DOV-
DOVE-
200519/56
Improper
Input
Validation
08-05-2019 5
In the IMAP Server in Dovecot
2.3.3 through 2.3.5.2, the
submission-login component
crashes if AUTH PLAIN is
attempted over a TLS secured
channel with an unacceptable
authentication message.
CVE ID : CVE-2019-11499
N/A
A-DOV-
DOVE-
200519/57
F5
big-ip_websafe
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--
200519/58
big-ip_access_policy_manager
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--
200519/59
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--
200519/60
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--
200519/61
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--
200519/62
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--
200519/63
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--
200519/64
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--
200519/65
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--
200519/66
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, the Traffic Management
Microkernel (TMM) may
restart when a virtual server
has an HTTP/2 profile with
Application Layer Protocol
Negotiation (ALPN) enabled
and it processes traffic where
the ALPN extension size is
zero.
CVE ID : CVE-2019-6619
https://support.f5.com/csp/article/K94563344
A-F5-BIG--
200519/67
big-ip_advanced_firewall_manager
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--
200519/68
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--
200519/69
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--
200519/70
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--
200519/71
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--
200519/72
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--
200519/73
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--
200519/74
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--
200519/75
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, the Traffic Management
Microkernel (TMM) may
restart when a virtual server
has an HTTP/2 profile with
Application Layer Protocol
Negotiation (ALPN) enabled
and it processes traffic where
the ALPN extension size is
zero.
CVE ID : CVE-2019-6619
https://support.f5.com/csp/article/K94563344
A-F5-BIG--
200519/76
big-ip_analytics
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--
200519/77
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--
200519/78
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--
200519/79
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--
200519/80
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--
200519/81
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--
200519/82
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--
200519/83
big-ip_application_acceleration_manager
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--
200519/84
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--
200519/85
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--
200519/86
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--
200519/87
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--
200519/88
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--
200519/89
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/90
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/91
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, the Traffic Management
Microkernel (TMM) may
restart when a virtual server
has an HTTP/2 profile with
Application Layer Protocol
Negotiation (ALPN) enabled
and it processes traffic where
the ALPN extension size is
zero.
CVE ID : CVE-2019-6619
https://support.f5.com/csp/article/K94563344
A-F5-BIG--200519/92
big-ip_application_security_manager
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/93
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--200519/94
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/95
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/96
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--200519/97
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/98
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/99
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/100
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, the Traffic Management
Microkernel (TMM) may
restart when a virtual server
has an HTTP/2 profile with
Application Layer Protocol
Negotiation (ALPN) enabled
and it processes traffic where
the ALPN extension size is
zero.
CVE ID : CVE-2019-6619
https://support.f5.com/csp/article/K94563344
A-F5-BIG--200519/101
big-ip_domain_name_system
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/102
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--200519/103
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/104
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/105
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--200519/106
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/107
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/108
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/109
big-ip_edge_gateway
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/110
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/111
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/112
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--200519/113
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/114
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/115
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/116
big-ip_fraud_protection_service
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/117
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/118
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/119
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/120
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/121
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/122
big-ip_global_traffic_manager
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/123
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--200519/124
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/125
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/126
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--200519/127
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/128
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/129
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/130
big-ip_link_controller
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/131
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--200519/132
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/133
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/134
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--200519/135
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/136
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/137
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/138
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, the Traffic Management
Microkernel (TMM) may
restart when a virtual server
has an HTTP/2 profile with
Application Layer Protocol
Negotiation (ALPN) enabled
and it processes traffic where
the ALPN extension size is
zero.
CVE ID : CVE-2019-6619
https://support.f5.com/csp/article/K94563344
A-F5-BIG--200519/139
big-ip_local_traffic_manager
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/140
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--200519/141
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/142
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/143
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--200519/144
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/145
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/146
restrictions.
CVE ID : CVE-2019-6617
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/147
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, the Traffic Management
Microkernel (TMM) may
restart when a virtual server
has an HTTP/2 profile with
Application Layer Protocol
Negotiation (ALPN) enabled
and it processes traffic where
the ALPN extension size is
zero.
CVE ID : CVE-2019-6619
https://support.f5.com/csp/article/K94563344
A-F5-BIG--200519/148
big-ip_policy_enforcement_manager
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/149
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, DNS query TCP
connections that are aborted
before receiving a response
from a DNS cache may cause
TMM to restart.
CVE ID : CVE-2019-6612
https://support.f5.com/csp/article/K24401914
A-F5-BIG--200519/150
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/151
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/152
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--200519/153
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/154
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/155
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/156
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, the Traffic Management
Microkernel (TMM) may
restart when a virtual server
has an HTTP/2 profile with
Application Layer Protocol
Negotiation (ALPN) enabled
and it processes traffic where
the ALPN extension size is
zero.
CVE ID : CVE-2019-6619
https://support.f5.com/csp/article/K94563344
A-F5-BIG--200519/157
big-ip_webaccelerator
Improper
Input
Validation
03-05-2019 5
When BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8 are processing certain
rare data sequences occurring
in PPTP VPN traffic, the BIG-IP
system may execute incorrect
logic. The TMM may restart
and produce a core file as a
result of this condition. The
BIG-IP system provisioned
with the CGNAT module and
configured with a virtual
server using a PPTP profile is
exposed to this vulnerability.
CVE ID : CVE-2019-6611
https://support.f5.com/csp/article/K47527163
A-F5-BIG--200519/158
Information
Exposure 03-05-2019 5
On BIG-IP 13.0.0-13.1.1.4,
12.1.0-12.1.4, 11.6.1-11.6.3.4,
and 11.5.2-11.5.8, SNMP may
expose sensitive configuration
objects over insecure
transmission channels. This
issue is exposed when a
passphrase is used with
various profile types and is
accessed using SNMPv2.
CVE ID : CVE-2019-6613
https://support.f5.com/csp/article/K27400151
A-F5-BIG--200519/159
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, internal methods used
to prevent arbitrary file
overwrites in Appliance Mode
were not fully effective. An
authenticated attacker with a
high privilege level may be
able to bypass protections
implemented in appliance
mode to overwrite arbitrary
system files.
CVE ID : CVE-2019-6614
https://support.f5.com/csp/article/K46524395
A-F5-BIG--200519/160
N/A 03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, Administrator and
Resource Administrator roles
might exploit TMSH access to
bypass Appliance Mode
restrictions on BIG-IP systems.
CVE ID : CVE-2019-6615
https://support.f5.com/csp/article/K87659521
A-F5-BIG--200519/161
Improper
Access
Control
03-05-2019 6.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, administrative users
with TMSH access can
overwrite critical system files
on BIG-IP which can result in
bypass of whitelist / blacklist
restrictions enforced by
appliance mode.
CVE ID : CVE-2019-6616
https://support.f5.com/csp/article/K82814400
A-F5-BIG--200519/162
N/A 03-05-2019 5.5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, a user with the
Resource Administrator role is
able to overwrite sensitive
low-level files (such as
/etc/passwd) using SFTP to
modify user permissions,
without Advanced Shell access.
This is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6617
https://support.f5.com/csp/article/K38941195
A-F5-BIG--200519/163
Improper
Access
Control
03-05-2019 4
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, 12.1.0-12.1.4,
11.6.1-11.6.3.4, and 11.5.2-
11.5.8, users with the
Resource Administrator role
can modify sensitive portions
of the filesystem if provided
Advanced Shell Access, such as
editing /etc/passwd. This
allows modifications to user
objects and is contrary to our
definition for the Resource
Administrator (RA) role
restrictions.
CVE ID : CVE-2019-6618
https://support.f5.com/csp/article/K07702240
A-F5-BIG--200519/164
Improper
Input
Validation
03-05-2019 5
On BIG-IP 14.0.0-14.1.0.1,
13.0.0-13.1.1.4, and 12.1.0-
12.1.4, the Traffic Management
Microkernel (TMM) may
restart when a virtual server
has an HTTP/2 profile with
Application Layer Protocol
Negotiation (ALPN) enabled
and it processes traffic where
the ALPN extension size is
zero.
CVE ID : CVE-2019-6619
https://support.f5.com/csp/article/K94563344
A-F5-BIG--200519/165
thrift
Improper
Input
Validation
06-05-2019 5
C++ Facebook Thrift servers
(using cpp2) would not error
upon receiving messages with
containers of fields of
unknown type. As a result,
malicious clients could send
short messages which would
take a long time for the server
to parse, potentially leading to
denial of service. This issue
N/A A-FAC-THRI-200519/166
affects Facebook Thrift prior
to v2019.02.18.00.
CVE ID : CVE-2019-3552
Improper
Input
Validation
06-05-2019 5
Python Facebook Thrift
servers would not error upon
receiving messages with
containers of fields of
unknown type. As a result,
malicious clients could send
short messages which would
take a long time for the server
to parse, potentially leading to
denial of service. This issue
affects Facebook Thrift prior
to v2019.02.18.00.
CVE ID : CVE-2019-3558
N/A A-FAC-THRI-200519/167
Improper
Input
Validation
06-05-2019 5
Java Facebook Thrift servers
would not error upon
receiving messages with
containers of fields of
unknown type. As a result,
malicious clients could send
short messages which would
take a long time for the server
to parse, potentially leading to
denial of service. This issue
affects Facebook Thrift prior
to v2019.02.18.00.
CVE ID : CVE-2019-3559
N/A A-FAC-THRI-200519/168
Improper
Input
Validation
06-05-2019 5
Go Facebook Thrift servers
would not error upon
receiving messages with
containers of fields of
unknown type. As a result,
malicious clients could send
short messages which would
take a long time for the server
N/A A-FAC-THRI-200519/169
to parse, potentially leading to
denial of service. This issue
affects Facebook Thrift prior
to v2019.03.04.00.
CVE ID : CVE-2019-3564
Improper
Input
Validation
06-05-2019 5
Legacy C++ Facebook Thrift
servers (using cpp instead of
cpp2) would not error upon
receiving messages with
containers of fields of
unknown type. As a result,
malicious clients could send
short messages which would
take a long time for the server
to parse, potentially leading to
denial of service. This issue
affects Facebook Thrift prior
to v2019.05.06.00.
CVE ID : CVE-2019-3565
N/A A-FAC-THRI-200519/170
Foxitsoftware
foxit_reader
N/A 13-05-2019 4.6
A Local Privilege Escalation in
libqcocoa.dylib in Foxit Reader
3.1.0.0111 on macOS has been
discovered due to an incorrect
permission set.
CVE ID : CVE-2019-8342
N/A A-FOX-FOXI-200519/171
GE
communicator
Improper
Access
Control
09-05-2019 6.8
GE Communicator, all versions
prior to 4.0.517, has a service
running with system privileges
that may allow an unprivileged
user to perform certain
administrative actions, which
N/A A-GE-COMM-200519/172
may allow the execution of
scheduled scripts with system
administrator privileges. This
service is inaccessible to
attackers if Windows default
firewall settings are used by
the end user.
CVE ID : CVE-2019-6544
Uncontrolled
Search Path
Element
09-05-2019 6.8
GE Communicator, all versions
prior to 4.0.517, allows an
attacker to place malicious
files within the working
directory of the program,
which may allow an attacker
to manipulate widgets and UI
elements.
CVE ID : CVE-2019-6546
N/A A-GE-COMM-200519/173
Use of Hard-
coded
Credentials
09-05-2019 6.8
GE Communicator, all versions
prior to 4.0.517, contains two
backdoor accounts with
hardcoded credentials, which
may allow control over the
database. This service is
inaccessible to attackers if
Windows default firewall
settings are used by the end
user.
CVE ID : CVE-2019-6548
N/A A-GE-COMM-200519/174
Uncontrolled
Search Path
Element
09-05-2019 9.3
GE Communicator, all versions
prior to 4.0.517, allows a
non-administrative user to place
malicious files within the
installer file directory, which
may allow an attacker to gain
administrative privileges on a
system during installation or
N/A A-GE-COMM-200519/175
upgrade.
CVE ID : CVE-2019-6564
Improper
Access
Control
09-05-2019 7.2
GE Communicator, all versions
prior to 4.0.517, allows a
non-administrative user to replace
the uninstaller with a
malicious version, which could
allow an attacker to gain
administrator privileges to the
system.
CVE ID : CVE-2019-6566
N/A A-GE-COMM-200519/176
Gitlab
gitlab
Information
Exposure 10-05-2019 4
An issue was discovered in
GitLab Enterprise Edition
before 11.7.11, 11.8.x before
11.8.7, and 11.9.x before
11.9.7. It allows Information
Disclosure.
CVE ID : CVE-2019-11000
N/A A-GIT-GITL-200519/177
GNU
recutils
NULL
Pointer
Dereference
01-05-2019 4.3
An issue was discovered in
GNU recutils 1.8. There is a
NULL pointer dereference in
the function
rec_rset_get_props at rec-rset.c
in librec.a, leading to a crash.
CVE ID : CVE-2019-11637
N/A
A-GNU-RECU-200519/178
NULL
Pointer
Dereference
01-05-2019 4.3
An issue was discovered in
GNU recutils 1.8. There is a
NULL pointer dereference in
the function
rec_field_name_equal_p at
rec-field-name.c in librec.a, leading
N/A
A-GNU-RECU-200519/179
to a crash.
CVE ID : CVE-2019-11638
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
01-05-2019 6.8
An issue was discovered in
GNU recutils 1.8. There is a
stack-based buffer overflow in
the function
rec_type_check_enum at
rec-types.c in librec.a.
CVE ID : CVE-2019-11639
N/A
A-GNU-RECU-200519/180
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
01-05-2019 6.8
An issue was discovered in
GNU recutils 1.8. There is a
heap-based buffer overflow in
the function
rec_fex_parse_str_simple at
rec-fex.c in librec.a.
CVE ID : CVE-2019-11640
N/A
A-GNU-RECU-200519/181
Golang
go
N/A 13-05-2019 7.5
Go through 1.12.5 on Windows
mishandles process creation
with a nil environment in
conjunction with a non-nil
token, which allows attackers
to obtain sensitive information
or gain privileges.
CVE ID : CVE-2019-11888
N/A A-GOL-GO-200519/182
gridea
gridea
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
13-05-2019 4.3
Gridea v0.8.0 has an XSS
vulnerability through which
the Nodejs module can be
called to achieve arbitrary
code execution, as
demonstrated by
child_process.exec and the
"<img src=#
onerror='eval(new Buffer("
substring.
CVE ID : CVE-2019-12047
N/A A-GRI-GRID-200519/183
groonga
groonga-httpd
Concurrent
Execution
using Shared
Resource
with
Improper
Synchronization
('Race
Condition')
02-05-2019 6.9
The groonga-httpd package
6.1.5-1 for Debian sets the
/var/log/groonga ownership
to the groonga account, which
might let local users obtain
root access because of unsafe
interaction with logrotate. For
example, an attacker can
exploit a race condition to
insert a symlink from
/var/log/groonga/httpd to
/etc/bash_completion.d.
NOTE: this is an issue in the
Debian packaging of the
Groonga HTTP server.
CVE ID : CVE-2019-11675
N/A
A-GRO-GROO-200519/184
Haproxy
haproxy
N/A 09-05-2019 4.3
HAProxy before 1.9.7
mishandles a reload with
rotated keys, which triggers
use of uninitialized, and very
predictable, HMAC keys. This
is related to an
include/types/ssl_sock.h
error.
CVE ID : CVE-2019-11323
https://www.mail-archive.com/haproxy@formilux.org/msg33410.html
A-HAP-HAPR-200519/185
harpjs
harp
Information
Exposure 10-05-2019 5
Information exposure through
the directory listing in npm's
harp module allows access to
files that are supposed to be
ignored according to the harp
server rules. Vulnerable
versions are <= 0.29.0 and no
fix was applied to our
knowledge.
CVE ID : CVE-2019-5437
N/A
A-HAR-HARP-200519/186
Improper
Limitation of
a Pathname
to a
Restricted
Directory
('Path
Traversal')
10-05-2019 5
Path traversal using symlink in
npm harp module versions <=
0.29.0.
CVE ID : CVE-2019-5438
N/A
A-HAR-HARP-200519/187
honeypress_project
honeypress
N/A 01-05-2019 5
HoneyPress through 2016-09-27
can be fingerprinted by
attackers because of the
ingrained unique
www.atxsec.com and
ayylmao.wpengine.com
hostnames within the fake
WordPress templates. This
allows attackers to discover
and avoid this honeypot
system.
CVE ID : CVE-2019-11633
N/A
A-HON-HONE-200519/188
htmly
htmly
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
08-05-2019 4.3
Multiple cross-site scripting
(XSS) vulnerabilities in HTMLy
2.7.4 allow remote attackers to
inject arbitrary web script or
HTML via the (1) destination
parameter to delete feature;
the (2) destination parameter
to edit feature; (3) content
parameter in the profile
feature.
CVE ID : CVE-2019-8349
N/A
A-HTM-HTML-200519/189
Humhub
humhub
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
08-05-2019 4.3
A cross-site scripting (XSS)
vulnerability in HumHub
1.3.12 allows remote attackers
to inject arbitrary web script
or HTML via a
/protected/vendor/codeception/codeception/tests/data/app/view/index.php POST
request.
CVE ID : CVE-2019-11564
N/A
A-HUM-HUMH-200519/190
IBM
tririga_application_platform
Information
Exposure 07-05-2019 2.1
IBM TRIRIGA Application
Platform 3.5.3 and 3.6.0 may
disclose sensitive information
only available to a local user
that could be used in further
attacks against the system.
IBM X-Force ID: 159148.
CVE ID : CVE-2019-4207
https://www.ibm.com/support/docview.wss?uid=ibm10880261
A-IBM-TRIR-200519/191
Improper
Restriction
of XML
External
Entity
Reference
('XXE')
07-05-2019 5.5
IBM TRIRIGA Application
Platform 3.5.3 and 3.6.0 is
vulnerable to an XML External
Entity Injection (XXE) attack
when processing XML data. A
remote attacker could exploit
this vulnerability to expose
sensitive information or
consume memory resources.
IBM X-Force ID: 159129.
CVE ID : CVE-2019-4208
N/A A-IBM-TRIR-200519/192
spectrum_scale
Information
Exposure 13-05-2019 2.1
A security vulnerability has
been identified in IBM
Spectrum Scale 4.1.1, 4.2.0,
4.2.1, 4.2.2, 4.2.3, and 5.0.0
with CES stack enabled that
could allow sensitive data to
be included with service snaps.
IBM X-Force ID: 160011.
CVE ID : CVE-2019-4259
https://www.ibm.com/support/docview.wss?uid=ibm10883568
A-IBM-SPEC-200519/193
sterling_b2b_integrator
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
01-05-2019 3.5
IBM Sterling B2B Integrator
6.0.0.0 and 6.0.0.1 Standard
Edition is vulnerable to
cross-site scripting. This
vulnerability allows users to
embed arbitrary JavaScript
code in the Web UI thus
altering the intended
functionality potentially
leading to credentials
disclosure within a trusted
session. IBM X-Force ID:
159946.
CVE ID : CVE-2019-4258
N/A A-IBM-STER-200519/194
business_automation_workflow
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
10-05-2019 3.5
IBM Business Automation
Workflow 18.0.0.0, 18.0.0.1,
18.0.0.2, and 19.0.0.1 is
vulnerable to cross-site
scripting. This vulnerability
allows users to embed
arbitrary JavaScript code in
the Web UI thus altering the
intended functionality
potentially leading to
credentials disclosure within a
trusted session. IBM X-Force
ID: 159125.
CVE ID : CVE-2019-4204
https://www.ibm.com/support/docview.wss?uid=ibm10880499
A-IBM-BUSI-200519/195
business_process_manager
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
10-05-2019 3.5
IBM Business Automation
Workflow 18.0.0.0, 18.0.0.1,
18.0.0.2, and 19.0.0.1 is
vulnerable to cross-site
scripting. This vulnerability
allows users to embed
arbitrary JavaScript code in
the Web UI thus altering the
intended functionality
potentially leading to
credentials disclosure within a
trusted session. IBM X-Force
ID: 159125.
CVE ID : CVE-2019-4204
https://www.ibm.com/support/docview.wss?uid=ibm10880499
A-IBM-BUSI-200519/196
Intelliants
subrion_cms
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
08-05-2019 4.3
Subrion CMS 4.2.1 allows
_core/en/contacts/ XSS via the
name, email, or phone
parameter.
CVE ID : CVE-2019-11406
N/A A-INT-SUBR-200519/197
KDE
kauth
Improper
Input
Validation
07-05-2019 9.3
KDE KAuth before 5.55 allows
the passing of parameters with
arbitrary types to helpers
running as root over DBus via
DBusHelperProxy.cpp. Certain
types can cause crashes, and
trigger the decoding of
arbitrary images with
dynamically loaded plugins. In
other words, KAuth
unintentionally causes this
plugin code to run as root,
which increases the severity of
any possible exploitation of a
plugin vulnerability.
CVE ID : CVE-2019-7443
N/A
A-KDE-KAUT-200519/198
konakart
konakart
Improper
Input
Validation
13-05-2019 7.5
KonaKart 8.9.0.0 is vulnerable
to Remote Code Execution by
uploading a web shell as a
product category image.
CVE ID : CVE-2019-11680
https://www.konakart.com/downloads/patch-releases/
A-KON-KONA-200519/199
Lenovo
xclarity_administrator
Information
Exposure
Through Log
Files
03-05-2019 4.3
An internal product security
audit of Lenovo XClarity
Administrator (LXCA)
discovered HTTP proxy
N/A
A-LEN-XCLA-200519/200
credentials being written to a
log file in clear text. This only
affects LXCA when HTTP proxy
credentials have been
configured. This affects LXCA
versions 2.0.0 to 2.3.x.
CVE ID : CVE-2019-6158
Libreoffice
libreoffice
Improper
Input
Validation
09-05-2019 6.8
A vulnerability in LibreOffice
hyperlink processing allows an
attacker to construct
documents containing
hyperlinks pointing to the
location of an executable on
the target user's file system. If
the hyperlink is activated by
the victim the executable
target is unconditionally
launched. Under Windows and
macOS when processing a
hyperlink target explicitly
activated by the user there
was no judgment made on
whether the target was an
executable file, so such
executable targets were
launched unconditionally. This
issue affects: All LibreOffice
Windows and macOS versions
prior to 6.1.6; LibreOffice
Windows and macOS versions
in the 6.2 series prior to 6.2.3.
CVE ID : CVE-2019-9847
https://www.libreoffice.org/about-us/security/advisories/cve-2019-9847/
A-LIB-LIBR-200519/201
lightopenid_project
lightopenid
Server-Side
Request
Forgery
(SSRF)
10-05-2019 7.5
openid.php in LightOpenID
through 1.3.1 allows SSRF via
a crafted OpenID 2.0 assertion
request using the HTTP GET
method.
CVE ID : CVE-2019-11066
N/A A-LIG-LIGH-200519/202
Mahara
mahara
N/A 07-05-2019 4
An issue was discovered in
Mahara 17.10 before 17.10.8,
18.04 before 18.04.4, and
18.10 before 18.10.1. A site
administrator can suspend the
system user (root), causing all
users to be locked out from the
system.
CVE ID : CVE-2019-9708
https://mahara.org/interaction/forum/topic.php?id=8445
A-MAH-MAHA-200519/203
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
07-05-2019 3.5
An issue was discovered in
Mahara 17.10 before 17.10.8,
18.04 before 18.04.4, and
18.10 before 18.10.1. The
collection title is vulnerable to
Cross Site Scripting (XSS) due
to not escaping it when
viewing the collection's
SmartEvidence overview page
(if that feature is turned on).
This can be exploited by any
logged-in user.
CVE ID : CVE-2019-9709
https://mahara.org/interaction/forum/topic.php?id=8446
A-MAH-MAHA-200519/204
Matrix
synapse
Use of
Cryptographically
Weak
Pseudo-
Random
Number
Generator
(PRNG)
09-05-2019 5
An issue was discovered in
Matrix Sydent before 1.0.3 and
Synapse before 0.99.3.1.
Random number generation is
mishandled, which makes it
easier for attackers to predict
a Sydent authentication token
or a Synapse random ID.
CVE ID : CVE-2019-11842
N/A
A-MAT-SYNA-200519/205
sydent
Use of
Cryptographically
Weak
Pseudo-
Random
Number
Generator
(PRNG)
09-05-2019 5
An issue was discovered in
Matrix Sydent before 1.0.3 and
Synapse before 0.99.3.1.
Random number generation is
mishandled, which makes it
easier for attackers to predict
a Sydent authentication token
or a Synapse random ID.
CVE ID : CVE-2019-11842
N/A
A-MAT-SYDE-200519/206
Microfocus
open_enterprise_server
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
02-05-2019 4.3
A DOM based XSS vulnerability
has been identified in the
Netstorage component of Open
Enterprise Server (OES)
allowing a remote attacker to
execute JavaScript in the
victim's browser by tricking
the victim into clicking on a
specially crafted link. This
affects OES versions
OES2015SP1, OES2018, and
OES2018SP1. Older versions
may be affected but were not
tested as they are out of
support.
CVE ID : CVE-2019-3490
N/A
A-MIC-
OPEN-
200519/207
Misp
misp
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
08-05-2019 4.3
A persistent XSS issue was
discovered in
app/View/Helper/CommandHelper.php
in MISP before
2.4.107. JavaScript can be
included in the discussion
interface, and can be triggered
by clicking on the link.
CVE ID : CVE-2019-11812
N/A A-MIS-MISP-
200519/208
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
08-05-2019 4.3
An issue was discovered in
app/View/Elements/Events/View/value_field.ctp
in MISP
before 2.4.107. There is
persistent XSS via link type
attributes with javascript://
links.
CVE ID : CVE-2019-11813
N/A A-MIS-MISP-
200519/209
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
08-05-2019 4.3
An issue was discovered in
app/webroot/js/misp.js in
MISP before 2.4.107. There is
persistent XSS via image
names in titles, as
demonstrated by a screenshot.
CVE ID : CVE-2019-11814
N/A A-MIS-MISP-
200519/210
mythemeshop
launcher
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
13-05-2019 3.5
Multiple stored cross-site
scripting (XSS) in the
MyThemeShop Launcher
plugin 1.0.8 for WordPress
allow remote authenticated
users to inject arbitrary web
script or HTML via fields as
follows: (1) Title, (2) Favicon,
N/A
A-MYT-
LAUN-
200519/211
(3) Meta Description, (4)
Subscribe Form (Name field
label, Last name field label,
Email field label), (5) Contact
Form (Name field label and
Email field label), and (6)
Social Links (Facebook Page
URL, Twitter Page URL,
Instagram Page URL, YouTube
Page URL, Linkedin Page URL,
Google+ Page URL, RSS URL).
CVE ID : CVE-2019-7411
Nginx
njs
N/A 09-05-2019 5
njs through 0.3.1, used in
NGINX, has a segmentation
fault in
String.prototype.toBytes for
negative arguments, related to
nxt_utf8_next in nxt/nxt_utf8.h
and njs_string_offset in
njs/njs_string.c.
CVE ID : CVE-2019-11837
N/A A-NGI-NJS-
200519/212
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
09-05-2019 7.5
njs through 0.3.1, used in
NGINX, has a heap-based
buffer overflow in
Array.prototype.splice after a
resize, related to
njs_array_prototype_splice in
njs/njs_array.c, because of
njs_array_expand size
mishandling.
CVE ID : CVE-2019-11838
N/A A-NGI-NJS-
200519/213
Improper
Restriction
of
09-05-2019 7.5 njs through 0.3.1, used in
NGINX, has a heap-based
buffer overflow in
N/A A-NGI-NJS-
200519/214
Operations
within the
Bounds of a
Memory
Buffer
Array.prototype.push after a
resize, related to
njs_array_prototype_push in
njs/njs_array.c, because of
njs_array_expand size
mishandling.
CVE ID : CVE-2019-11839
Ninjaforms
ninja_forms
Improper
Limitation of
a Pathname
to a
Restricted
Directory
('Path
Traversal')
07-05-2019 6.8
Path Traversal and
Unrestricted File Upload exist
in the Ninja Forms plugin
before 3.0.23 for WordPress
(when the Uploads add-on is
activated). This allows an
attacker to traverse the file
system to access files and
execute code via the
includes/fields/upload.php
(aka upload/submit page)
name and tmp_name
parameters.
CVE ID : CVE-2019-10869
N/A A-NIN-NINJ-
200519/215
Nvidia
gpu_driver
N/A 10-05-2019 7.2
NVIDIA Windows GPU Display
driver software for Windows
(all versions) contains a
vulnerability in the kernel
mode layer (nvlddmkm.sys)
handler for DxgkDdiEscape
where the product does not
properly synchronize shared
data, such as static variables
across threads, which can lead
to undefined behavior and
https://nvidia.custhelp.com/app/answers/detail/a_id/4797
A-NVI-GPU_-
200519/216
unpredictable data changes,
which may lead to denial of
service, escalation of
privileges, or information
disclosure.
CVE ID : CVE-2019-5675
Untrusted
Search Path 10-05-2019 7.2
NVIDIA Windows GPU Display
driver software for Windows
(all versions) contains a
vulnerability in which it
incorrectly loads Windows
system DLLs without
validating the path or
signature (also known as a
binary planting or DLL
preloading attack), leading to
escalation of privileges
through code execution.
CVE ID : CVE-2019-5676
https://nvidia.custhelp.com/app/answers/detail/a_id/4797
A-NVI-GPU_-
200519/217
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
10-05-2019 4.9
NVIDIA Windows GPU Display
driver software for Windows
(all versions) contains a
vulnerability in the kernel
mode layer (nvlddmkm.sys)
handler for DeviceIoControl
where the software reads from
a buffer using buffer access
mechanisms such as indexes
or pointers that reference
memory locations after the
targeted buffer, which may
lead to denial of service.
CVE ID : CVE-2019-5677
https://nvidia.custhelp.com/app/answers/detail/a_id/4797
A-NVI-GPU_-
200519/218
octopus
octopus_deploy
N/A 01-05-2019 5.5 In Octopus Deploy 2019.1.0 N/A A-OCT-
through 2019.3.1 and 2019.4.0
through 2019.4.5, an
authenticated user with the
VariableViewUnscoped or
VariableEditUnscoped
permission scoped to a specific
project could view or edit
unscoped variables from a
different project. (These
permissions are only used in
custom User Roles and do not
affect built in User Roles.)
CVE ID : CVE-2019-11632
OCTO-
200519/219
openproject
openproject
Improper
Neutralizatio
n of Special
Elements
used in an
SQL
Command
('SQL
Injection')
13-05-2019 6.8
A SQL injection vulnerability in
the activities API in
OpenProject before 8.3.2
allows a remote attacker to
execute arbitrary SQL
commands via the id
parameter. The attack can be
performed unauthenticated if
OpenProject is configured not
to require authentication for
API access.
CVE ID : CVE-2019-11600
https://www.openproject.org/release-notes/openproject-8-3-2/
A-OPE-
OPEN-
200519/220
Opensuse
backports
Improper
Input
Validation
07-05-2019 9.3
KDE KAuth before 5.55 allows
the passing of parameters with
arbitrary types to helpers
running as root over DBus via
DBusHelperProxy.cpp. Certain
types can cause crashes, and
trigger the decoding of
N/A
A-OPE-
BACK-
200519/221
arbitrary images with
dynamically loaded plugins. In
other words, KAuth
unintentionally causes this
plugin code to run as root,
which increases the severity of
any possible exploitation of a
plugin vulnerability.
CVE ID : CVE-2019-7443
Paloaltonetworks
demisto
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
09-05-2019 4.3
Cross-site scripting (XSS)
vulnerability in Palo Alto
Networks Demisto 4.5 build
40249 may allow an
unauthenticated attacker to
run arbitrary JavaScript or
HTML.
CVE ID : CVE-2019-1568
https://securityadvisories.paloaltonetworks.com/Home/Detail/148
A-PAL-
DEMI-
200519/222
Philips
tasy_emr
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
01-05-2019 3.5
In Philips Tasy EMR, Tasy EMR
Versions 3.02.1744 and prior,
the software incorrectly
neutralizes user-controllable
input before it is placed in
output that is used as a web
page that is served to other
users.
CVE ID : CVE-2019-6562
N/A A-PHI-TASY-
200519/223
PHP
imagick
Out-of-
bounds 03-05-2019 7.5
In PHP imagick extension in
versions between 3.3.0 and
3.4.4, writing to an array of
N/A A-PHP-
IMAG-
Write values in
ImagickKernel::fromMatrix()
function did not check that the
address will be within the
allocated array. This could lead
to an out-of-bounds write to
memory if the function is
called with data controlled
by an untrusted party.
CVE ID : CVE-2019-11037
200519/224
php
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
03-05-2019 6.4
When processing certain files,
PHP EXIF extension in
versions 7.1.x below 7.1.29,
7.2.x below 7.2.18 and 7.3.x
below 7.3.5 can be caused to
read past allocated buffer in
exif_process_IFD_TAG
function. This may lead to
information disclosure or
crash.
CVE ID : CVE-2019-11036
N/A A-PHP-PHP-
200519/225
Phpbb
phpbb
Server-Side
Request
Forgery
(SSRF)
05-05-2019 5
Server side request forgery
(SSRF) in phpBB before 3.2.6
allows checking for the
existence of files and services
on the local network of the
host through the remote
avatar upload function.
CVE ID : CVE-2019-11767
N/A
A-PHP-
PHPB-
200519/226
Improper
Input
Validation
02-05-2019 5
The fulltext search component
in phpBB before 3.2.6 allows
Denial of Service.
CVE ID : CVE-2019-9826
https://www.phpbb.com/community/viewtopic.php?f=14&t=2509941
A-PHP-
PHPB-
200519/227
printerlogic
print_management
Improper
Input
Validation
08-05-2019 10
The PrinterLogic Print
Management software,
versions up to and including
18.3.1.96, does not sanitize
special characters allowing for
remote unauthorized changes
to configuration files. An
unauthenticated attacker may
be able to remotely execute
arbitrary code with SYSTEM
privileges.
CVE ID : CVE-2019-9505
N/A A-PRI-PRIN-
200519/228
Pulsesecure
pulse_connect_secure
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
08-05-2019 4.3
In Pulse Secure Pulse Connect
Secure (PCS) 8.3.x before
8.3R7.1 and 9.0.x before 9.0R3,
an XSS issue has been found on
the Application Launcher page.
CVE ID : CVE-2019-11507
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/
A-PUL-PULS-
200519/229
Improper
Limitation of
a Pathname
to a
Restricted
Directory
('Path
Traversal')
08-05-2019 6.5
In Pulse Secure Pulse Connect
Secure (PCS) before 8.1R15.1,
8.2 before 8.2R12.1, 8.3 before
8.3R7.1, and 9.0 before
9.0R3.4, an authenticated
attacker (via the admin web
interface) can exploit
Directory Traversal to execute
arbitrary code on the
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/
A-PUL-PULS-
200519/230
appliance.
CVE ID : CVE-2019-11508
N/A 08-05-2019 6.5
In Pulse Secure Pulse Connect
Secure (PCS) before 8.1R15.1,
8.2 before 8.2R12.1, 8.3 before
8.3R7.1, and 9.0 before
9.0R3.4, an unauthenticated
remote attacker can send a
specially crafted URI to
perform an arbitrary file
reading vulnerability.
CVE ID : CVE-2019-11510
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/
A-PUL-PULS-
200519/231
Qnap
myqnapcloud
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
09-05-2019 5
Buffer Overflow vulnerability
in myQNAPcloud Connect
1.3.3.0925 and earlier could
allow remote attackers to
crash the program.
CVE ID : CVE-2019-7181
https://www.qnap.com/zh-tw/security-advisory/nas-201905-09
A-QNA-
MYQN-
200519/232
ratpack_project
ratpack
Use of
Cryptographi
cally Weak
Pseudo-
Random
Number
Generator
(PRNG)
07-05-2019 4.3
Ratpack versions before 1.6.1
generate a session ID using a
cryptographically weak PRNG
in the JDK's
ThreadLocalRandom. This
means that if an attacker can
determine a small window for
the server start time and
obtain a session ID value, they
can theoretically determine
the sequence of session IDs.
N/A
A-RAT-
RATP-
200519/233
CVE ID : CVE-2019-11808
Redhat
wildfly
Concurrent
Execution
using Shared
Resource
with
Improper
Synchronizat
ion ('Race
Condition')
03-05-2019 4.7
A flaw was discovered in
wildfly versions up to
16.0.0.Final that would allow
local users who are able to
execute init.d script to
terminate arbitrary processes
on the system. An attacker
could exploit this by modifying
the PID file in /var/run/jboss-eap/
allowing the init.d script
to terminate any process as
root.
CVE ID : CVE-2019-3805
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805
A-RED-
WILD-
200519/234
N/A 03-05-2019 6.5
It was discovered that the
ElytronManagedThread in
Wildfly's Elytron subsystem in
versions from 11 to 16 stores a
SecurityIdentity to run the
thread as. These threads do
not necessarily terminate if
the keep alive time has not
expired. This could allow a
shared thread to use the
wrong security identity when
executing.
CVE ID : CVE-2019-3894
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3894
A-RED-
WILD-
200519/235
jboss_enterprise_application_platform
Concurrent
Execution
using Shared
Resource
with
Improper
03-05-2019 4.7
A flaw was discovered in
wildfly versions up to
16.0.0.Final that would allow
local users who are able to
execute init.d script to
terminate arbitrary processes
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805
A-RED-JBOS-
200519/236
Synchronizat
ion ('Race
Condition')
on the system. An attacker
could exploit this by modifying
the PID file in /var/run/jboss-eap/
allowing the init.d script
to terminate any process as
root.
CVE ID : CVE-2019-3805
N/A 03-05-2019 6.5
It was discovered that the
ElytronManagedThread in
Wildfly's Elytron subsystem in
versions from 11 to 16 stores a
SecurityIdentity to run the
thread as. These threads do
not necessarily terminate if
the keep alive time has not
expired. This could allow a
shared thread to use the
wrong security identity when
executing.
CVE ID : CVE-2019-3894
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3894
A-RED-JBOS-
200519/237
Rediff
rediffmail
Information
Exposure 09-05-2019 2.1
The Rediffmail (aka
com.rediff.mail.and)
application 2.2.6 for Android
has cleartext mail content in
file storage, persisting after a
logout.
CVE ID : CVE-2019-11836
N/A A-RED-REDI-
200519/238
remarkable_project
remarkable
N/A 13-05-2019 5
lib/common/html_re.js in
remarkable 1.7.1 allows
Regular Expression Denial of
Service (ReDoS) via a CDATA
N/A
A-REM-
REMA-
200519/239
section.
CVE ID : CVE-2019-12041
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
13-05-2019 4.3
In remarkable 1.7.1,
lib/parser_inline.js mishandles
URL filtering, which allows
attackers to trigger XSS via
unprintable characters, as
demonstrated by a
\x0ejavascript: URL.
CVE ID : CVE-2019-12043
N/A
A-REM-
REMA-
200519/240
Revive-adserver
revive_adserver
URL
Redirection
to Untrusted
Site ('Open
Redirect')
06-05-2019 5.8
A user having access to the UI
of a Revive Adserver instance
could be tricked into clicking
on a specifically crafted admin
account-switch.php URL that
would eventually lead them to
another (unsafe) domain,
potentially used for stealing
credentials or other phishing
attacks. This vulnerability was
addressed in version 4.2.0.
CVE ID : CVE-2019-5433
N/A A-REV-REVI-
200519/241
Ruby-lang
webrick
Improper
Limitation of
a Pathname
to a
Restricted
Directory
('Path
Traversal')
10-05-2019 2.1
** DISPUTED ** The WEBrick
gem 1.4.2 for Ruby allows
directory traversal if the
attacker once had local access
to create a symlink to a
location outside of the web
root directory. NOTE: The
vendor states that this is
analogous to Options
N/A
A-RUB-
WEBR-
200519/242
FollowSymlinks in the Apache
HTTP Server, and therefore it
is "not a problem."
CVE ID : CVE-2019-11879
rukovoditel
rukovoditel
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
07-05-2019 4.3
Rukovoditel through 2.4.1
allows XSS via a URL that lacks
a module=users%2flogin
substring.
CVE ID : CVE-2019-7541
N/A
A-RUK-
RUKO-
200519/243
rust-lang
rust
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
13-05-2019 6.8
The Rust Programming
Language Standard Library
1.34.x before 1.34.2 contains a
stabilized method which, if
overridden, can violate Rust's
safety guarantees and cause
memory unsafety. If the
`Error::type_id` method is
overridden then any type can
be safely cast to any other
type, causing memory safety
vulnerabilities in safe code
(e.g., out-of-bounds write or
read). Code that does not
manually implement
Error::type_id is unaffected.
CVE ID : CVE-2019-12083
N/A
A-RUS-
RUST-
200519/244
S9Y
serendipity
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
09-05-2019 4.3
Serendipity before 2.1.5 has
XSS via EXIF data that is
mishandled in the
templates/2k11/admin/media_choose.tpl
Editor Preview feature or the
templates/2k11/admin/media_items.tpl
Media Library
feature.
CVE ID : CVE-2019-11870
N/A A-S9Y-SERE-
200519/245
Solarwinds
damewire_mini_remote_control
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
02-05-2019 5
DWRCC in SolarWinds
DameWare Mini Remote
Control 10.0 x64 has a Buffer
Overflow associated with the
size field for the machine
name.
CVE ID : CVE-2019-9017
N/A
A-SOL-
DAME-
200519/246
Sqlite
sqlite
Use After
Free 10-05-2019 6.8
An exploitable use after free
vulnerability exists in the
window function functionality
of Sqlite3 3.26.0. A specially
crafted SQL command can
cause a use after free
vulnerability, potentially
resulting in remote code
execution. An attacker can
send a malicious SQL
command to trigger this
vulnerability.
CVE ID : CVE-2019-5018
N/A A-SQL-SQLI-
200519/247
sricam
deviceviewer
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
09-05-2019 7.5
Shenzhen Sricctv
DeviceViewer for XP has a
Buffer Overflow via the
username field on the initial
login form.
CVE ID : CVE-2019-11563
N/A A-SRI-DEVI-
200519/248
suricata-ids
suricata
Out-of-
bounds Read 13-05-2019 5
A buffer over-read issue was
discovered in Suricata 4.1.x
before 4.1.4. If the input of the
decode-mpls.c function
DecodeMPLS is composed only
of a packet of source address
and destination address plus
the correct type field and the
right number for shim, an
attacker can manipulate the
control flow, such that the
condition to leave the loop is
true. After leaving the loop, the
network packet has a length of
2 bytes. There is no validation
of this length. Later on, the
code tries to read at an empty
position, leading to a crash.
CVE ID : CVE-2019-10050
N/A A-SUR-SURI-
200519/249
Integer
Underflow
(Wrap or
Wraparound
)
13-05-2019 7.5
An issue was discovered in
Suricata 4.1.x before 4.1.4. If
the input of the function
SSHParseBanner is composed
only of a \n character, then the
N/A A-SUR-SURI-
200519/250
program runs into a heap-based
buffer over-read. This
occurs because the erroneous
search for \r results in an
integer underflow.
CVE ID : CVE-2019-10053
Suse
manager
Information
Exposure 13-05-2019 4.3
SUSE Manager until version
4.0.7 and Uyuni until commit
1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade
created
world-readable swap files on
systems that don't have a swap
already configured and don't
have btrfs as filesystem.
CVE ID : CVE-2019-3684
N/A
A-SUS-
MANA-
200519/251
Synology
calendar
N/A 09-05-2019 2.1
Information exposure through
process environment
vulnerability in Synology
Calendar before 2.3.3-0620
allows local users to obtain
credentials via cmdline.
CVE ID : CVE-2019-11820
https://www.synology.com/security/advisory/Synology_SA_19_21
A-SYN-CALE-
200519/252
tabslab
mailcarrier
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
02-05-2019 7.5
A buffer overflow in the SMTP
response service in
MailCarrier 2.51 allows the
attacker to execute arbitrary
code remotely via a long HELP
command, a related issue to
N/A
A-TAB-
MAIL-
200519/253
Buffer CVE-2019-11395.
CVE ID : CVE-2019-11682
Typo3
typo3
Improper
Input
Validation
09-05-2019 9.3
TYPO3 8.x before 8.7.25 and
9.x before 9.5.6 allows remote
code execution because it does
not properly configure the
applications used for image
processing, as demonstrated
by ImageMagick or
GraphicsMagick.
CVE ID : CVE-2019-11832
N/A
A-TYP-
TYPO-
200519/254
ui
unifi_video
Cross-Site
Request
Forgery
(CSRF)
06-05-2019 6.8
In UniFi Video 3.10.0 and
prior, due to the lack of CSRF
protection, it is possible to
abuse the Web API to make
changes on the server
configuration without the user's
consent, requiring the attacker
to lure an authenticated user
to access an attacker-controlled
page.
CVE ID : CVE-2019-5430
N/A A-UI-UNIF-
200519/255
ulicms
ulicms
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
08-05-2019 4.3
Multiple cross-site scripting
(XSS) vulnerabilities in UliCMS
2019.2 and 2019.1 allow
remote attackers to inject
arbitrary web script or HTML
via the go parameter to
admin/index.php, the go
N/A A-ULI-ULIC-
200519/256
Scripting') parameter to
/admin/index.php?register=register,
or the error parameter to
admin/index.php?action=favicon.
CVE ID : CVE-2019-11398
Veeam
one_reporter
Cross-Site
Request
Forgery
(CSRF)
06-05-2019 6.8
Veeam ONE Reporter
9.5.0.3201 allows CSRF.
CVE ID : CVE-2019-11569
N/A A-VEE-ONE_-
200519/257
vegadesign
profiledesign_cms
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
13-05-2019 4.3
Multiple cross-site scripting
(XSS) vulnerabilities in
ProfileDesign CMS v6.0.2.5
allow remote attackers to
inject arbitrary web script or
HTML via the (1) page, (2) gbs,
(3) side, (4) id, (5) imgid, (6)
cat, or (7) orderby parameter.
CVE ID : CVE-2019-7409
N/A
A-VEG-
PROF-
200519/258
Information
Exposure 10-05-2019 4.3
A bug in WhatsApp for
Android's messaging logic
would potentially allow a
malicious individual who has
taken over a WhatsApp
user's account to recover
previously sent messages. This
behavior requires independent
knowledge of metadata for
N/A
A-WHA-
WHAT-
200519/259
previous messages, which are
not available publicly. This
issue affects WhatsApp for
Android 2.19.52 and 2.19.54 -
2.19.103.
CVE ID : CVE-2019-3566
Wso2
api_manager
Server-Side
Request
Forgery
(SSRF)
14-05-2019 4
An issue was discovered in
WSO2 API Manager 2.6.0. It is
possible to force the
application to perform
requests to the internal
workstation (SSRF port-scanning),
other adjacent
workstations (SSRF network
scanning), or to enumerate
files because of the existence
of the file:// wrapper.
CVE ID : CVE-2019-6512
N/A A-WSO-API_-
200519/260
Improper
Access
Control
14-05-2019 5
An issue was discovered in
WSO2 API Manager 2.6.0.
Uploaded documents for API
documentation are available to
an unauthenticated user.
CVE ID : CVE-2019-6515
N/A A-WSO-API_-
200519/261
dashboard_server
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
14-05-2019 3.5
An issue was discovered in
WSO2 Dashboard Server 2.0.0.
It is possible to inject a
JavaScript payload that will be
stored in the database and
then displayed and executed
on the same page, aka XSS.
CVE ID : CVE-2019-6514
N/A
A-WSO-
DASH-
200519/262
Server-Side
Request
Forgery
(SSRF)
14-05-2019 5
An issue was discovered in
WSO2 Dashboard Server 2.0.0.
It is possible to force the
application to perform
requests to the internal
workstation (port-scanning)
and to perform requests to
adjacent workstations
(network-scanning), aka SSRF.
CVE ID : CVE-2019-6516
N/A
A-WSO-
DASH-
200519/263
yellowpencil
visual_css_style_editor
Cross-Site
Request
Forgery
(CSRF)
13-05-2019 6.8
The WaspThemes Visual CSS
Style Editor (aka
yellow-pencil-visual-theme-customizer)
plugin before
7.2.1 for WordPress allows
yp_option_update CSRF, as
demonstrated by use of
yp_remote_get to obtain admin
access.
CVE ID : CVE-2019-11886
N/A A-YEL-VISU-
200519/264
yuzopro
yuzo
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
09-05-2019 4.3
The Yuzo Related Posts plugin
5.12.94 for WordPress has XSS
because it mistakenly expects
that is_admin() verifies that
the request comes from an
admin user (it actually only
verifies that the request is for
an admin page). An
unauthenticated attacker can
inject a payload into the plugin
settings, such as the
yuzo_related_post_css_and_style setting.
CVE ID : CVE-2019-11869
N/A
A-YUZ-
YUZO-
200519/265
z.cash
zcash
N/A 01-05-2019 5
Zcash 2.x allows an
inexpensive approach to "fill
all transactions of all blocks"
and "prevent any real
transaction from occurring"
via a "Sapling Wood-Chipper"
attack.
CVE ID : CVE-2019-11636
N/A A-Z.C-ZCAS-
200519/266
Zohocorp
manageengine_firewall_analyzer
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
02-05-2019 4.3
The user defined DNS name in
Zoho ManageEngine Firewall
Analyzer before 12.3 Build
123224 is vulnerable to stored
XSS attacks.
CVE ID : CVE-2019-11676
N/A
A-ZOH-
MANA-
200519/267
Improper
Restriction
of XML
External
Entity
Reference
('XXE')
02-05-2019 7.5
The Custom Report import
function in Zoho
ManageEngine Firewall
Analyzer before 12.3 Build
123224 is vulnerable to XML
External Entity (XXE)
Injection.
CVE ID : CVE-2019-11677
N/A
A-ZOH-
MANA-
200519/268
Improper
Neutralizatio
n of Special
Elements
used in an
SQL
Command
('SQL
Injection')
02-05-2019 7.5
The "default reports" feature
in Zoho ManageEngine
Firewall Analyzer before 12.3
Build 123218 is vulnerable to
SQL Injection.
CVE ID : CVE-2019-11678
N/A
A-ZOH-
MANA-
200519/269
manageengine_netflow_analyzer
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
07-05-2019 4.3
XSS exists in Zoho
ManageEngine Netflow
Analyzer Professional v7.0.0.2
in the Administration zone
"/netflow/jspui/linkdownalert
Config.jsp" file in the
groupDesc, groupName,
groupID, or task parameter.
CVE ID : CVE-2019-7426
N/A
A-ZOH-
MANA-
200519/270
Improper
Neutralizatio
n of Input
During Web
Page
Generation
('Cross-site
Scripting')
07-05-2019 4.3
XSS exists in Zoho
ManageEngine Netflow
Analyzer Professional v7.0.0.2
in the Administration zone
"/netflow/jspui/linkdownalert
Config.jsp" file in the
autorefTime or graphTypes
parameter.
CVE ID : CVE-2019-7427
N/A
A-ZOH-
MANA-
200519/271
Operating System
barni
master_ip_camera01_firmware
Improper
Neutralizatio
n of Special
Elements
used in a
Command
('Command
Injection')
08-05-2019 7.5
MASTER IPCAMERA01
3.3.4.2103 devices allow
Remote Command Execution,
related to the thttpd
component.
CVE ID : CVE-2019-8387
N/A
O-BAR-
MAST-
200519/272
chuango
a11_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A O-CHU-A11_-
200519/273
a8_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A O-CHU-A8_F-
200519/274
awv_plus_firmware
Improper
Access
Control
08-05-2019 4.3 The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A
O-CHU-
AWV_-
200519/275
b11_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A O-CHU-B11_-
200519/276
cg-105s_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A O-CHU-CG-1-
200519/277
g3_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A O-CHU-G3_F-
200519/278
g5_plus_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A O-CHU-G5_P-
200519/279
g5w_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A
O-CHU-
G5W_-
200519/280
h4_plus_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A
O-CHU-
H4_P-
200519/281
g5w_3g_firmware
Improper
Access
Control
08-05-2019 4.3
The Chuango 433 MHz
burglar-alarm product line is
vulnerable to a Denial of
Service attack. When the
condition is triggered, the OV2
base station is unable to
process sensor states and
effectively prevents the alarm
from setting off, as
demonstrated by Chuango
branded products, and non-
Chuango branded products
such as the Eminent EM8617
OV2 Wifi Alarm System.
CVE ID : CVE-2019-11561
N/A
O-CHU-
G5W_-
200519/282
Cisco
hx220c_all_nvme_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-HX22-
200519/283
hx220c_edge_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-HX22-
200519/284
hx220c_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-HX22-
200519/285
hx240c_af_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-HX24-
200519/286
hx240c_large_form_factor_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-HX24-
200519/287
hx240c_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-HX24-
200519/288
ucs_b200_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-UCS_-
200519/289
ucs_b480_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-UCS_-
200519/290
ucs_c125_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-UCS_-
200519/291
ucs_c220_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-UCS_-
200519/292
ucs_c240_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-UCS_-
200519/293
ucs_c480_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-UCS_-
200519/294
ucs_c480_ml_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-UCS_-
200519/295
ip_conference_phone_7832_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_C-
200519/296
ip_conference_phone_8832_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_C-
200519/297
ip_phone_7811_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/298
ip_phone_7821_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/299
ip_phone_7841_firmware
N/A 03-05-2019 7.8 A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/300
ip_phone_7861_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/301
ip_phone_8811_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/302
ip_phone_8841_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/303
ip_phone_8845_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/304
ip_phone_8851_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/305
ip_phone_8861_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/306
ip_phone_8865_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-IP_P-
200519/307
unified_ip_8831_conference_phone1_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-UNIF-
200519/308
unified_ip_8831_conference_phone_for_third-party_call_control2_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-UNIF-
200519/309
wireless_ip_phone_8821-ex_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-WIRE-
200519/310
wireless_ip_phone_8821_firmware
N/A 03-05-2019 7.8
A vulnerability in the call-
handling functionality of
Session Initiation Protocol
(SIP) Software for Cisco IP
Phone 7800 Series and 8800
Series could allow an
unauthenticated, remote
attacker to cause an affected
phone to reload unexpectedly,
resulting in a temporary denial
of service (DoS) condition. The
vulnerability is due to
incomplete error handling
when XML data within a SIP
packet is parsed. An attacker
could exploit this vulnerability
by sending a SIP packet that
contains a malicious XML
payload to an affected phone.
A successful exploit could
allow the attacker to cause the
affected phone to reload
unexpectedly, resulting in a
temporary DoS condition.
CVE ID : CVE-2019-1635
N/A O-CIS-WIRE-
200519/311
rv320_dual_gigabit_wan_vpn_router_software
Improper
Authenticati
on
03-05-2019 6.8
A vulnerability in the session
management functionality of
the web-based interface for
Cisco Small Business RV320
and RV325 Dual Gigabit WAN
VPN Routers could allow an
unauthenticated, remote
attacker to hijack a valid user
session on an affected system.
An attacker could use this
impersonated session to
create a new user account or
otherwise control the device
with the privileges of the
hijacked session. The
vulnerability is due to a lack of
proper session management
controls. An attacker could
exploit this vulnerability by
sending a crafted HTTP
request to a targeted device. A
successful exploit could allow
the attacker to take control of
an existing user session on the
device. Exploitation of the
vulnerability requires that an
authorized user session is
active and that the attacker
can craft an HTTP request to
impersonate that session.
CVE ID : CVE-2019-1724
N/A O-CIS-RV32-
200519/312
rv325_dual_wan_gigabit_vpn_router_software
Improper
Authenticati
on
03-05-2019 6.8
A vulnerability in the session
management functionality of
the web-based interface for
Cisco Small Business RV320
and RV325 Dual Gigabit WAN
VPN Routers could allow an
unauthenticated, remote
attacker to hijack a valid user
session on an affected system.
An attacker could use this
impersonated session to
create a new user account or
otherwise control the device
with the privileges of the
hijacked session. The
vulnerability is due to a lack of
proper session management
controls. An attacker could
exploit this vulnerability by
sending a crafted HTTP
request to a targeted device. A
successful exploit could allow
the attacker to take control of
an existing user session on the
device. Exploitation of the
vulnerability requires that an
authorized user session is
active and that the attacker
can craft an HTTP request to
impersonate that session.
CVE ID : CVE-2019-1724
N/A O-CIS-RV32-
200519/313
nexus_9000_series_application_centric_infrastructure
N/A 03-05-2019 7.2
A vulnerability in the
filesystem management for the
Cisco Nexus 9000 Series
Application Centric
Infrastructure (ACI) Mode
Switch Software could allow
an authenticated, local
attacker with administrator
rights to gain elevated
privileges as the root user on
an affected device. The
vulnerability is due to overly
permissive file permissions of
specific system files. An
attacker could exploit this
vulnerability by authenticating
to an affected device, creating
a crafted command string, and
writing this crafted string to a
specific file location. A
successful exploit could allow
the attacker to execute
arbitrary operating system
commands as root on an
affected device. The attacker
would need to have valid
administrator credentials for
the device.
CVE ID : CVE-2019-1803
N/A O-CIS-NEXU-
200519/314
nexus_93108tc-ex_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/315
nexus_93120tx_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/316
nexus_93128tx_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/317
nexus_93180yc-ex_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/318
nexus_9332pq_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/319
nexus_9372px_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/320
nexus_9372tx_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/321
nexus_9396px_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/322
nexus_9396tx_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/323
nexus_9500_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/324
nexus_9504_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/325
nexus_9508_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/326
nexus_9516_firmware
N/A 03-05-2019 10
A vulnerability in the SSH key
management for the Cisco
Nexus 9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to connect to
the affected system with the
privileges of the root user. The
vulnerability is due to the
presence of a default SSH key
pair that is present in all
devices. An attacker could
exploit this vulnerability by
opening an SSH connection via
IPv6 to a targeted device using
the extracted key materials. An
exploit could allow the
attacker to access the system
with the privileges of the root
user. This vulnerability is only
exploitable over IPv6; IPv4 is
not vulnerable.
CVE ID : CVE-2019-1804
N/A O-CIS-NEXU-
200519/327
hx220c_af_m5_firmware
Cross-Site
Request
Forgery
(CSRF)
03-05-2019 6.8
A vulnerability in the web-
based management interface
of Cisco HyperFlex HX-Series
could allow an
unauthenticated, remote
attacker to conduct a cross-
site request forgery (CSRF)
attack and perform arbitrary
actions on an affected system.
The vulnerability is due to
insufficient CSRF protections
for the web-based
management interface of the
affected software. An attacker
could exploit this vulnerability
by persuading a user of the
interface to follow a crafted
link. A successful exploit could
allow the attacker to perform
arbitrary actions on an
affected system by using a web
browser and with the
privileges of the user.
CVE ID : CVE-2019-1857
N/A O-CIS-HX22-
200519/328
nx-os
N/A 03-05-2019 4
A vulnerability in Cisco Nexus
9000 Series Fabric Switches in
Application Centric
Infrastructure (ACI) mode
could allow an authenticated,
remote attacker to access
sensitive information. The
vulnerability occurs because
the affected software does not
properly validate user-
supplied input. An attacker
could exploit this vulnerability
by issuing certain commands
with filtered query results on
the device. This action may
cause returned messages to
display confidential system
information. A successful
exploit could allow the
attacker to read sensitive
information on the device.
CVE ID : CVE-2019-1587
N/A O-CIS-NX-O-
200519/329
Information
Exposure 03-05-2019 2.1
A vulnerability in the Trusted
Platform Module (TPM)
functionality of software for
Cisco Nexus 9000 Series Fabric
Switches in Application
Centric Infrastructure (ACI)
mode could allow an
unauthenticated, local attacker
with physical access to view
sensitive information on an
affected device. The
vulnerability is due to a lack of
proper data-protection
mechanisms for disk
encryption keys that are used
within the partitions on an
affected device hard drive. An
attacker could exploit this
vulnerability by obtaining
physical access to the affected
device to view certain
cleartext keys. A successful
exploit could allow the
attacker to execute a custom
boot process or conduct
further attacks on an affected
device.
CVE ID : CVE-2019-1589
N/A O-CIS-NX-O-
200519/330
Improper
Certificate
Validation
03-05-2019 6.8
A vulnerability in the
Transport Layer Security
(TLS) certificate validation
functionality of Cisco Nexus
9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an unauthenticated,
remote attacker to perform
insecure TLS client
authentication on an affected
device. The vulnerability is due
to insufficient TLS client
certificate validations for
certificates sent between the
various components of an ACI
fabric. An attacker who has
possession of a certificate that
is trusted by the Cisco
Manufacturing CA and the
corresponding private key
could exploit this vulnerability
by presenting a valid
certificate while attempting to
connect to the targeted device.
An exploit could allow the
attacker to gain full control of
all other components within
the ACI fabric of an affected
device.
CVE ID : CVE-2019-1590
N/A O-CIS-NX-O-
200519/331
N/A 03-05-2019 7.2
A vulnerability in the
background operations
functionality of Cisco Nexus
9000 Series Application
Centric Infrastructure (ACI)
Mode Switch Software could
allow an authenticated, local
attacker to gain elevated
privileges as root on an
affected device. The
vulnerability is due to
insufficient validation of user-
supplied files on an affected
device. An attacker could
exploit this vulnerability by
logging in to the CLI of the
affected device and creating a
crafted file in a specific
directory on the filesystem. A
successful exploit could allow
the attacker to execute
arbitrary operating system
commands as root on an
affected device.
CVE ID : CVE-2019-1592
N/A O-CIS-NX-O-
200519/332
Improper
Limitation of
a Pathname
to a
Restricted
Directory
('Path
Traversal')
03-05-2019 6.6
A vulnerability in the system
shell for Cisco Nexus 9000
Series Fabric Switches in
Application Centric
Infrastructure (ACI) mode
could allow an authenticated,
local attacker to use symbolic
links to overwrite system files.
These system files may be
sensitive and should not be
overwritable by non-root
users. The attacker would
need valid device credentials.
The vulnerability is due to
incorrect symbolic link
verification of directory paths
when they are used in the
system shell. An attacker could
exploit this vulnerability by
authenticating to the device
and providing crafted user
input to specific symbolic link
CLI commands. Successful
exploitation could allow the
attacker to overwrite system
files that should be restricted.
This vulnerability has been
fixed in software version
14.1(1i).
CVE ID : CVE-2019-1836
N/A O-CIS-NX-O-
200519/333
ios_xe
Improper
Input
Validation
13-05-2019 9
A vulnerability in the web-
based user interface (Web UI)
of Cisco IOS XE Software could
allow an authenticated, remote
attacker to execute commands
on the underlying Linux shell
of an affected device with root
privileges. The vulnerability
occurs because the affected
software improperly sanitizes
user-supplied input. An
attacker who has valid
administrator access to an
affected device could exploit
this vulnerability by supplying
a crafted input parameter on a
form in the Web UI and then
submitting that form. A
successful exploit could allow
the attacker to run arbitrary
commands on the device with
root privileges, which may
lead to complete system
compromise.
CVE ID : CVE-2019-1862
N/A O-CIS-IOS_-
200519/334
coship
rt3050_firmware
N/A 07-05-2019 7.5
An issue was discovered on
Shenzhen Coship WM3300
WiFi Router 5.0.0.55 devices.
The password reset
functionality of the Wireless
SSID doesn't require any type
of authentication. By making a
POST request to the
regx/wireless/wl_security_2G.
asp URI, the attacker can
change the password of the
Wi-Fi network.
CVE ID : CVE-2019-7564
N/A
O-COS-
RT30-
200519/335
rt3052_firmware
N/A 07-05-2019 7.5
An issue was discovered on
Shenzhen Coship WM3300
WiFi Router 5.0.0.55 devices.
The password reset
functionality of the Wireless
SSID doesn't require any type
of authentication. By making a
POST request to the
regx/wireless/wl_security_2G.
asp URI, the attacker can
change the password of the
Wi-Fi network.
CVE ID : CVE-2019-7564
N/A
O-COS-
RT30-
200519/336
rt7620_firmware
N/A 07-05-2019 7.5
An issue was discovered on
Shenzhen Coship WM3300
WiFi Router 5.0.0.55 devices.
The password reset
functionality of the Wireless
SSID doesn't require any type
of authentication. By making a
POST request to the
regx/wireless/wl_security_2G.
asp URI, the attacker can
change the password of the
Wi-Fi network.
CVE ID : CVE-2019-7564
N/A
O-COS-
RT76-
200519/337
wm3300_firmware
N/A 07-05-2019 7.5
An issue was discovered on
Shenzhen Coship WM3300
WiFi Router 5.0.0.55 devices.
The password reset
functionality of the Wireless
SSID doesn't require any type
of authentication. By making a
POST request to the
regx/wireless/wl_security_2G.
asp URI, the attacker can
change the password of the
Wi-Fi network.
CVE ID : CVE-2019-7564
N/A
O-COS-
WM33-
200519/338
Debian
debian_linux
Out-of-
bounds Read 05-05-2019 7.5
dhcp6.c in dhcpcd before
6.11.7 and 7.x before 7.2.2 has
a buffer over-read in the
D6_OPTION_PD_EXCLUDE
feature.
CVE ID : CVE-2019-11766
N/A O-DEB-DEBI-
200519/339
Dlink
dcs-5009l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/340
dcs-5010l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/341
dcs-5020l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/342
dcs-5025l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/343
dcs-5030l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/344
dcs-930l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/345
dcs-931l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/346
dcs-932l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/347
dcs-933l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/348
dcs-934l_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
06-05-2019 6.5
The D-Link DCS series of Wi-Fi
cameras contains a stack-
based buffer overflow in
alphapd, the camera's web
server. The overflow allows a
remotely authenticated
attacker to execute arbitrary
code by providing a long string
in the WEPEncryption
parameter when requesting
wireless.htm. Vulnerable
devices include DCS-5009L
(1.08.11 and below), DCS-
5010L (1.14.09 and below),
DCS-5020L (1.15.12 and
below), DCS-5025L (1.03.07
and below), DCS-5030L
(1.04.10 and below), DCS-930L
(2.16.01 and below), DCS-931L
(1.14.11 and below), DCS-932L
(2.17.01 and below), DCS-933L
(1.14.11 and below), and DCS-
934L (1.05.04 and below).
CVE ID : CVE-2019-10999
N/A O-DLI-DCS--
200519/349
engeniustech
ews660ap_firmware
Improper
Neutralization
of Special
Elements
used in a
Command
('Command
Injection')
09-05-2019 10
The EnGenius EWS660AP
router with firmware 2.0.284
allows an attacker to execute
arbitrary commands using the
built-in ping and traceroute
utilities by using different
payloads and injecting
multiple parameters. This
vulnerability is fixed in a later
firmware version.
CVE ID : CVE-2019-11353
N/A
O-ENG-
EWS6-
200519/350
eq-3
ccu3_firmware
Improper
Limitation of
a Pathname
to a
Restricted
Directory
('Path
Traversal')
13-05-2019 5
Directory Traversal /
Arbitrary File Read in eQ-3 AG
Homematic CCU3 3.43.15 and
earlier allows remote
attackers to read arbitrary
files of the device's filesystem.
This vulnerability can be
exploited by unauthenticated
attackers with access to the
web interface.
CVE ID : CVE-2019-9726
N/A O-EQ--CCU3-
200519/351
N/A 13-05-2019 5
Unauthenticated password
hash disclosure in the
User.getUserPWD method in
eQ-3 AG Homematic CCU3
3.43.15 and earlier allows
remote attackers to retrieve
the GUI password hashes of
GUI users. This vulnerability
can be exploited by
unauthenticated attackers
with access to the web
interface.
CVE ID : CVE-2019-9727
N/A O-EQ--CCU3-
200519/352
Fedoraproject
fedora
Improper
Input
Validation
07-05-2019 9.3
KDE KAuth before 5.55 allows
the passing of parameters with
arbitrary types to helpers
running as root over DBus via
DBusHelperProxy.cpp. Certain
types can cause crashes, and
trigger the decoding of
arbitrary images with
dynamically loaded plugins. In
other words, KAuth
unintentionally causes this
plugin code to run as root,
which increases the severity of
any possible exploitation of a
plugin vulnerability.
CVE ID : CVE-2019-7443
N/A
O-FED-
FEDO-
200519/353
android
N/A 08-05-2019 6.9
In SmsDefaultDialog.onStart of
SmsDefaultDialog.java, there is
a possible escalation of
privilege due to an overlay
attack. This could lead to local
escalation of privilege,
granting privileges to a local
app without the user's
informed consent, with no
additional privileges needed.
User interaction is needed for
exploitation. Product: Android
Versions: Android-7.0
Android-7.1.1 Android-7.1.2
Android-8.0 Android-8.1
Android-9 Android ID: A-120484087
CVE ID : CVE-2019-2043
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/354
Out-of-
bounds
Write
08-05-2019 9.3
In MakeMPEG4VideoCodecSpecificData
of APacketSource.cpp,
there is a possible out-of-
bounds write due to an
incorrect bounds check. This
could lead to remote code
execution in the media server
with no additional execution
privileges needed. User
interaction is needed for
exploitation. Product: Android
Versions: Android-7.0
Android-7.1.1 Android-7.1.2
Android-8.0 Android-8.1
Android-9 Android ID: A-123701862
CVE ID : CVE-2019-2044
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/355
Out-of-
bounds
Write
08-05-2019 10
In JSCallTyper of typer.cc,
there is an out of bounds write
due to an incorrect bounds
check. This could lead to
remote code execution in the
proxy auto-config with no
additional execution privileges
needed. User interaction is not
needed for exploitation.
Product: Android Versions:
Android-7.0 Android-7.1.1
Android-7.1.2 Android-8.1
Android-9 Android ID: A-117554758
CVE ID : CVE-2019-2045
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/356
Integer
Overflow or
Wraparound
08-05-2019 10
In CalculateInstanceSizeForDerivedClass
of objects.cc, there is
possible memory corruption
due to an integer overflow.
This could lead to remote code
execution in the proxy auto-
config with no additional
execution privileges needed.
User interaction is not needed
for exploitation. Product:
Android Versions: Android-7.0
Android-7.1.1 Android-7.1.2
Android-8.0 Android-8.1
Android-9 Android ID: A-117556220
CVE ID : CVE-2019-2046
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/357
Out-of-
bounds
Write
08-05-2019 10
In UpdateLoadElement of ic.cc,
there is a possible out-of-
bounds write due to type
confusion. This could lead to
remote code execution in the
proxy auto-config with no
additional execution privileges
needed. User interaction is not
needed for exploitation.
Product: Android Versions:
Android-7.0 Android-7.1.1
Android-7.1.2 Android-8.0
Android-8.1 Android-9
Android ID: A-117607414
CVE ID : CVE-2019-2047
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/358
Use After
Free 08-05-2019 7.2
In SendMediaUpdate and
SendFolderUpdate of
avrcp_service.cc, there is a
possible memory corruption
due to a use after free. This
could lead to local escalation of
privilege in the Bluetooth
service with no additional
execution privileges needed.
User interaction is not needed
for exploitation. Product:
Android Versions: Android-9
Android ID: A-120445479
CVE ID : CVE-2019-2049
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/359
Use After
Free 08-05-2019 7.2
In tearDownClientInterface of
WificondControl.java, there is
a possible use after free due to
improper locking. This could
lead to local escalation of
privilege with no additional
execution privileges needed.
User interaction is not needed
for exploitation. Product:
Android Versions: Android-8.0
Android-8.1 Android-9
Android ID: A-121327323
CVE ID : CVE-2019-2050
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/360
Out-of-
bounds Read 08-05-2019 7.8
In heap of spaces.h, there is a
possible out of bounds read
due to improper input
validation. This could lead to
remote information disclosure
when processing a proxy auto
config file with no additional
execution privileges needed.
User interaction is not needed
for exploitation. Product:
Android Versions: Android-7.0
Android-7.1.1 Android-7.1.2
Android-8.0 Android-8.1
Android-9 Android ID: A-117555811
CVE ID : CVE-2019-2051
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/361
Out-of-
bounds Read 08-05-2019 7.8
In VisitPointers of heap.cc,
there is a possible out-of-
bounds read due to type
confusion. This could lead to
remote information disclosure
with no additional execution
privileges needed. User
interaction is not needed for
exploitation. Product: Android
Versions: Android-7.0
Android-7.1.1 Android-7.1.2
Android-8.1 Android-9
Android ID: A-117556606
CVE ID : CVE-2019-2052
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/362
Out-of-
bounds Read 08-05-2019 4.9
In wnm_parse_neighbor_report_elem
of wnm_sta.c, there is a
possible out-of-bounds read
due to missing bounds check.
This could lead to local
information disclosure with no
additional execution privileges
needed. User interaction is not
needed for exploitation.
Product: Android Versions:
Android-7.0 Android-7.1.1
Android-7.1.2 Android-8.0
Android-8.1 Android-9
Android ID: A-122074159
CVE ID : CVE-2019-2053
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/363
N/A 08-05-2019 4.6
In the seccomp
implementation prior to
kernel version 4.8, there is a
possible seccomp bypass due
to seccomp policies that allow
the use of ptrace. This could
lead to local escalation of
privilege with no additional
execution privileges needed.
User interaction is not needed
for exploitation. Product:
Android Versions: Android
kernel Android ID: A-119769499
CVE ID : CVE-2019-2054
https://source.android.com/security/bulletin/2019-05-01
O-GOO-
ANDR-
200519/364
hisilicon
hi3516_firmware
Improper
Restriction
of
Operations
within the
Bounds of a
Memory
Buffer
07-05-2019 10
A buffer overflow vulnerability
in the streaming server
provided by hisilicon in
HI3516 models allows an
unauthenticated attacker to
remotely run arbitrary code by
sending a special RTSP over
HTTP packet. The vulnerability
was found in many cameras
using hisilicon's hardware and
software, as demonstrated by
TENVIS cameras 1.3.3.3,
1.2.7.2, 1.2.1.4, 7.1.20.1.2, and
13.1.1.1.7.2; FDT FD7902
11.3.14.1.3 and 10.3.14.1.3;
FOSCAM cameras
3.2.1.1.1_0815 and
3.2.2.2.1_0815; and Dericam
cameras V11.3.8.1.12.
CVE ID : CVE-2019-11560
N/A O-HIS-HI35-
200519/365
jio
jmr1140_firmware
Improper
Neutralization
of Input
During Web
Page
Generation
('Cross-site
Scripting')
07-05-2019 4.3
cgi-bin/qcmap_web_cgi on
JioFi 4 jmr1140
Amtel_JMR1140_R12.07
devices has POST based
reflected XSS via the Page
parameter. No sanitization is
performed for user input data.
CVE ID : CVE-2019-7687
N/A O-JIO-JMR1-
200519/366
N/A 07-05-2019 5
JioFi 4 jmr1140
Amtel_JMR1140_R12.07
devices allow remote attackers
to obtain the Wi-Fi password
by making a
cgi-bin/qcmap_web_cgi
Page=GetWiFi_Setting request
and then reading the
wpa_security_key field.
CVE ID : CVE-2019-7745
N/A O-JIO-JMR1-
200519/367
Cross-Site
Request
Forgery
(CSRF)
07-05-2019 4.3
JioFi 4 jmr1140
Amtel_JMR1140_R12.07
devices allow remote attackers
to obtain an admin token by
making a /cgi-bin/qcmap_auth
type=getuser request and then
reading the token field. This
token value can then be used
to change the Wi-Fi password
or perform a factory reset.
CVE ID : CVE-2019-7746
N/A O-JIO-JMR1-
200519/368
Linux
linux_kernel
N/A 02-05-2019 10
udp_gro_receive_segment in
net/ipv4/udp_offload.c in the
Linux kernel 5.x before 5.0.13
allows remote attackers to
cause a denial of service (slab-
out-of-bounds memory
corruption) or possibly have
unspecified other impact via
UDP packets with a 0 payload,
because of mishandling of
padded packets, aka the "GRO
packet of death" issue.
CVE ID : CVE-2019-11683
N/A O-LIN-LINU-
200519/369
NULL
Pointer
Dereference
07-05-2019 7.8
An issue was discovered in the
Linux kernel before 5.0.7. A
NULL pointer dereference can
occur when
megasas_create_frame_pool()
fails in megasas_alloc_cmds()
in drivers/scsi/megaraid/megaraid_sas_base.c.
This causes a
Denial of Service, related to a
use-after-free.
CVE ID : CVE-2019-11810
N/A O-LIN-LINU-
200519/370
Use After
Free 07-05-2019 10
An issue was discovered in the
Linux kernel before 5.0.4.
There is a use-after-free upon
attempted read access to
/proc/ioports after the ipmi_si
module is removed, related to
drivers/char/ipmi/ipmi_si_intf.c,
drivers/char/ipmi/ipmi_si_mem_io.c, and
drivers/char/ipmi/ipmi_si_port_io.c.
CVE ID : CVE-2019-11811
N/A O-LIN-LINU-
200519/371
Concurrent
Execution
using Shared
Resource
with
Improper
Synchronization ('Race
Condition')
08-05-2019 9.3
An issue was discovered in
rds_tcp_kill_sock in
net/rds/tcp.c in the Linux
kernel before 5.0.8. There is a
race condition leading to a
use-after-free, related to net
namespace cleanup.
CVE ID : CVE-2019-11815
N/A O-LIN-LINU-
200519/372
Improper
Neutralization
of Special
Elements
used in a
Command
('Command
Injection')
10-05-2019 2.1
The do_hidp_sock_ioctl
function in
net/bluetooth/hidp/sock.c in
the Linux kernel before 5.0.15
allows a local user to obtain
potentially sensitive
information from kernel stack
memory via a HIDPCONNADD
command, because a name
field may not end with a '\0'
character.
CVE ID : CVE-2019-11884
N/A O-LIN-LINU-
200519/373
Opensuse
leap
Improper
Input
Validation
07-05-2019 9.3
KDE KAuth before 5.55 allows
the passing of parameters with
arbitrary types to helpers
running as root over DBus via
DBusHelperProxy.cpp. Certain
types can cause crashes, and
trigger the decoding of
arbitrary images with
dynamically loaded plugins. In
other words, KAuth
unintentionally causes this
plugin code to run as root,
which increases the severity of
any possible exploitation of a
plugin vulnerability.
CVE ID : CVE-2019-7443
N/A
O-OPE-
LEAP-
200519/374
wincofireworks
fw-1007_firmware
Improper
Access
Control
08-05-2019 3.3
An exploitable improper
access control vulnerability
exists in the bluetooth low
energy functionality of Winco
Fireworks FireFly FW-1007
V2.0. An attacker can connect
to the device to trigger this
vulnerability.
CVE ID : CVE-2019-5014
N/A O-WIN-FW-1-
200519/375
xiongmaitech
besder_ip20h1_firmware
Integer
Overflow or
Wraparound
10-05-2019 3.3
An issue was discovered on
XiongMai Besder IP20H1
V4.02.R12.00035520.12012.047500.00200
cameras. An
attacker on the same local
network as the camera can
craft a message with a size
field larger than 0x80000000
and send it to the camera,
related to an integer overflow
or use of a negative number.
This then crashes the camera
for about 120 seconds.
CVE ID : CVE-2019-11878
N/A O-XIO-BESD-
200519/376