CVE-2019-12256

{"id": "CVE-2019-12256", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2019-08-09T18:15:11.227", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20190802-0001/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.f5.com/csp/article/K41190253", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12256", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://support2.windriver.com/index.php?page=security-notices", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets\u2019 IP options."}, {"lang": "es", "value": "Wind River VxWorks 6.9 y vx7 tiene un desbordamiento de b\u00fafer en el componente IPv4. Existe una vulnerabilidad de seguridad IPNET: desbordamiento de pila en el an\u00e1lisis de las opciones IP de los paquetes IPv4."}], "lastModified": "2022-08-16T13:00:08.227", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D796397A-5CB0-4BF1-A2FD-8943B15751F8", "versionEndExcluding": "6.9.4.12", "versionStartIncluding": "6.5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E243199-8506-4F65-9C22-2CBD50208F0D", "versionEndIncluding": "8.40.50.00", "versionStartIncluding": "8.00"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16C417C4-DC9B-48A8-AEAE-755BCC2DA389", "versionEndIncluding": "5.9.0.7", "versionStartIncluding": "5.9.0.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F047B55-4AAB-438D-BBF2-A0BAD4A5AFB2", "versionEndIncluding": "5.9.1.12", "versionStartIncluding": "5.9.1.0."}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90EA3BDF-084B-4D67-B0EF-4D27CA0EF283", "versionEndIncluding": "6.2.3.1", "versionStartIncluding": "6.2.0.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D59A1A87-D7B3-4F38-A83E-8CBF0A55A476", "versionEndIncluding": "6.2.4.3", "versionStartIncluding": "6.2.4.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C306A1CA-3A13-4085-A481-25A6B2D2412A", "versionEndIncluding": "6.2.5.3", "versionStartIncluding": "6.2.5.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "819517C6-9288-45B1-96B0-90B05AA5F3C4", "versionEndIncluding": "6.2.6.1", "versionStartIncluding": "6.2.6.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31148F5D-C86F-463D-9A5B-9D82515EF901", "versionEndIncluding": "6.2.7.4", "versionStartIncluding": "6.2.7.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24520D09-E8D2-43BE-A4D3-19FE828A4309", "versionEndIncluding": "6.2.9.2", "versionStartIncluding": "6.2.9.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF416ABF-027E-4571-A81C-36280BFAA1F1", "versionEndIncluding": "6.5.0.3", "versionStartIncluding": "6.5.0.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C253EDA-69CE-4C3A-9ABF-A7C55CEFA29C", "versionEndIncluding": "6.5.1.4", "versionStartIncluding": "6.5.1.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70C43F8A-0B85-4042-B691-8FDC841A3C2B", "versionEndIncluding": "6.5.2.3", "versionStartIncluding": "6.5.2.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F26B212-EE89-485A-A414-553C0F39DCA3", "versionEndIncluding": "6.5.3.3", "versionStartIncluding": "6.5.3.0"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6BA5213-EA5E-423B-9207-E06AED2917B3", "versionEndIncluding": "6.5.4.3", "versionStartIncluding": "6.5.4.0."}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BC6DEEC-5FB4-4017-B8F0-99A17AD93A52"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA6DA86B-D7E7-48E6-B841-206B9501DA67"}, {"criteria": "cpe:2.3:o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0A2A903-3092-40FB-99FE-B864C52D343E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200", "vulnerable": true, "matchCriteriaId": "E7F2B915-D41F-4D3C-A52D-A63AB729716F", "versionEndExcluding": "7.59"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300", "vulnerable": true, "matchCriteriaId": "00314478-416E-488B-ADBF-DDED873ABE41", "versionEndExcluding": "7.91"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:siprotec_5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6E0F0E17-7BE6-40B8-985B-DF2F5F9D2CA7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9995922-9A9F-45B0-A982-3BC1D92B76D8", "versionEndExcluding": "2.2.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:power_meter_9410:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7900C33F-1C31-4A6F-B98C-EF0A8E64F241"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FCC4AE0-E5A4-4B83-80E3-037FB836A9DA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:power_meter_9810:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BB5144E0-9082-497E-8958-6B85FDDD6C63"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47C998D1-9DD5-4470-9241-174170541408", "versionEndExcluding": "bs5.2.461.17"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BD6F6C12-9373-48F2-B576-C9AC7A287B53"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8216AFC1-213B-4E31-8660-5161E08A7C4E", "versionEndExcluding": "bs5.2.461.17"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FC0F5DBF-4730-40CE-B9CE-DD4DA31D3ED6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE5D7B8D-E74F-4839-8839-23894307992D", "versionEndExcluding": "bs5.2.461.17"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63967CFD-D35C-4793-858A-032C44E282F9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD25C864-C272-45B7-8EC5-9120DF6A2072", "versionEndExcluding": "bs5.2.461.17"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7146409-09B7-499C-9544-361B234E952D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3950CA89-B400-427C-B6F2-54337AB694E0", "versionEndIncluding": "07.0.07"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D35A90AD-034E-434A-B989-4F871E0AD9A5"}, {"criteria": "cpe:2.3:h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3EF7BBA-2BCC-4A16-BBEE-E67CE8F95BE4"}, {"criteria": "cpe:2.3:h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "76F453AF-21B0-4611-95D7-88AD821632E8"}, {"criteria": "cpe:2.3:h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BE6A655D-ED55-4344-9F75-5995371C87C3"}, {"criteria": "cpe:2.3:h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29576107-85D0-4877-875F-7F60EFDB803D"}, {"criteria": "cpe:2.3:h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF6200A3-7B4F-4A8E-B9DC-EE6A82093C20"}, {"criteria": "cpe:2.3:h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DEBA19D8-8B2D-4AD0-AA77-A3139C33F44D"}, {"criteria": "cpe:2.3:h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1B4F7FEA-BB1F-405E-A047-87D0BF0DF054"}, {"criteria": "cpe:2.3:h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "641912E2-C368-4438-8D5C-F6615B9FDABC"}, {"criteria": "cpe:2.3:h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F86BB5E8-4499-4E4F-AE5E-1471B297C16F"}, {"criteria": "cpe:2.3:h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E89FAE18-5B44-4203-ABFD-BC40AF7E51BE"}, {"criteria": "cpe:2.3:h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8D0DFE2E-2356-46D6-B2D9-89FD907CA168"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FDE06D94-B686-4468-86CF-AA68BB5CFEF4"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BC6487F7-284A-40C2-B70D-9380AD2A47C1"}, {"criteria": "cpe:2.3:h:belden:hirschmann_red25:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "79354FA2-4C48-4506-94BE-7B9ECB18015D"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DED918F8-041E-4FFC-AFE8-484828696EDB"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4ED7974C-BBE6-4BAE-8962-7B5638C7AE20"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5EE16D46-7BA9-43D4-BB4E-1B638CE6C41B"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "165B837A-EF09-489F-BD7C-54107F491BC8"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C06BF302-8E62-41DB-AA67-6369527B598F"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56D29DAB-C5D6-4539-86E4-43624FB957A9"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "305A9B3E-786C-4F8E-BE36-B4ED84650288"}, {"criteria": "cpe:2.3:h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4CBC8B88-4EC3-4827-B100-3A5A91B29CC2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2681FAC3-1E59-497A-9931-F4059F84EF86", "versionEndIncluding": "07.5.01"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E92390DF-BFCC-4F30-88A0-33F63CA9B1B3"}, {"criteria": "cpe:2.3:h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A18D078E-1F1A-4DE5-AE43-840D96BE1C6C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98C84F5B-72F6-4059-B634-80EE072D0DF9", "versionEndIncluding": "07.2.04"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E0562EC-4942-4D14-A634-8A6A5FDB9561"}, {"criteria": "cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "79E8B334-8109-4664-8DCC-10876BD702DC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:belden:hirschmann_hios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFB09BFE-D6C9-4433-A53A-F79608BFACA9", "versionEndIncluding": "05.3.06"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2D6D7B3E-90AD-43D9-9192-453A37921E8F"}, {"criteria": "cpe:2.3:h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "771189D9-34F0-400D-938B-2AA218C28C43"}, {"criteria": "cpe:2.3:h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3DCF228A-F3A8-4B36-A105-04E88980BA76"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE3BDD99-1DFA-4037-8E77-902F39842153", "versionEndIncluding": "1.0.1_y7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E9B635F0-96C1-49DA-957C-2ECD55A316C0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}