CWE-410

Insufficient Resource Pool

The product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.

CVE-2018-13815 (GCVE-0-2018-13815)
Vulnerability from cvelistv5
Published
2018-12-13 16:00
Modified
2024-08-05 09:14
Severity ?
CWE
  • CWE-410 - Insufficient Resource Pool
Summary
A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known.
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC S7-1200, SIMATIC S7-1500 Version: SIMATIC S7-1200 : All versions
Version: SIMATIC S7-1500 : All Versions < V2.6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:14:47.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105928",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105928"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC S7-1200, SIMATIC S7-1500",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "SIMATIC S7-1200 : All versions"
            },
            {
              "status": "affected",
              "version": "SIMATIC S7-1500 : All Versions \u003c V2.6"
            }
          ]
        }
      ],
      "datePublic": "2018-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions \u003c V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410: Insufficient Resource Pool",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-14T10:57:02",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "105928",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105928"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-13815",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC S7-1200, SIMATIC S7-1500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "SIMATIC S7-1200 : All versions"
                          },
                          {
                            "version_value": "SIMATIC S7-1500 : All Versions \u003c V2.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions \u003c V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-410: Insufficient Resource Pool"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105928",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105928"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-13815",
    "datePublished": "2018-12-13T16:00:00",
    "dateReserved": "2018-07-10T00:00:00",
    "dateUpdated": "2024-08-05T09:14:47.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-0056 (GCVE-0-2019-0056)
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-16 18:29
CWE
  • CWE-410 - Insufficient Resource Pool
Summary
This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker to cause the device's Open Shortest Path First (OSPF) states to transition to Down, resulting in a Denial of Service (DoS) attack. This attack requires a relatively large number of specific Internet Mixed (IMIXed) types of genuine and valid IPv6 packets to be transferred by the attacker in a relatively short period of time, across three or more PFE's on the device at the same time. Continued receipt of the traffic sent by the attacker will continue to cause OSPF to remain in the Down starting state, or flap between other states and then again to Down, causing a persistent Denial of Service. This attack will affect all IPv4, and IPv6 traffic served by the OSPF routes once the OSPF states transition to Down. This issue affects: Juniper Networks Junos OS on MX480, MX960, MX2008, MX2010, MX2020: 18.1 versions prior to 18.1R2-S4, 18.1R3-S5; 18.1X75 version 18.1X75-D10 and later versions; 18.2 versions prior to 18.2R1-S5, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R1-S4, 18.3R2, 18.3R3; 18.4 versions prior to 18.4R1-S2, 18.4R2.
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Version: 18.1   < 18.1R2-S4, 18.1R3-S5
Version: 18.2   < 18.2R1-S5, 18.2R2-S3, 18.2R3
Version: 18.2X75   < 18.2X75-D50
Version: 18.3   < 18.3R1-S4, 18.3R2, 18.3R3
Version: 18.4   < 18.4R1-S2, 18.4R2
Version: 18.1X75-D10   < 18.1X75*
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.427Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10954"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "MX480, MX960, MX2008, MX2010, MX2020"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "18.1R2-S4, 18.1R3-S5",
              "status": "affected",
              "version": "18.1",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2R1-S5, 18.2R2-S3, 18.2R3",
              "status": "affected",
              "version": "18.2",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2X75-D50",
              "status": "affected",
              "version": "18.2X75",
              "versionType": "custom"
            },
            {
              "lessThan": "18.3R1-S4, 18.3R2, 18.3R3",
              "status": "affected",
              "version": "18.3",
              "versionType": "custom"
            },
            {
              "lessThan": "18.4R1-S2, 18.4R2",
              "status": "affected",
              "version": "18.4",
              "versionType": "custom"
            },
            {
              "lessThan": "18.1X75*",
              "status": "affected",
              "version": "18.1X75-D10",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "OSPF configuration examples can be found at https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ospf-configuring-interfaces.html#jd0e229"
        },
        {
          "lang": "en",
          "value": "You can issue show chassis at the device to determine if there are multiple MCP10\u0027s in your system. For example:\n  root@device\u003e show chassis fpc pic-status\n  Slot 1   Online       MPC10E 3D MRATE-15xQSFPP\n  PIC 0 Online       MRATE-5xQSFPP\n  PIC 1 Online       MRATE-5xQSFPP\n  PIC 2 Online       MRATE-5xQSFPP\n  Slot 2   Online       MPC10E 3D MRATE-15xQSFPP\n  PIC 0 Online       MRATE-5xQSFPP\n  PIC 1 Online       MRATE-5xQSFPP\n  PIC 2 Online       MRATE-5xQSFPP\n  Slot 3   Online       MPC10E 3D MRATE-15xQSFPP\n  PIC 0 Online       MRATE-5xQSFPP\n  PIC 1 Online       MRATE-5xQSFPP\n  PIC 2 Online       MRATE-5xQSFPP"
        }
      ],
      "datePublic": "2019-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "This issue only affects devices with three (3) or more MPC10\u0027s installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker to cause the device\u0027s Open Shortest Path First (OSPF) states to transition to Down, resulting in a Denial of Service (DoS) attack. This attack requires a relatively large number of specific Internet Mixed (IMIXed) types of genuine and valid IPv6 packets to be transferred by the attacker in a relatively short period of time, across three or more PFE\u0027s on the device at the same time. Continued receipt of the traffic sent by the attacker will continue to cause OSPF to remain in the Down starting state, or flap between other states and then again to Down, causing a persistent Denial of Service. This attack will affect all IPv4, and IPv6 traffic served by the OSPF routes once the OSPF states transition to Down. This issue affects: Juniper Networks Junos OS on MX480, MX960, MX2008, MX2010, MX2020: 18.1 versions prior to 18.1R2-S4, 18.1R3-S5; 18.1X75 version 18.1X75-D10 and later versions; 18.2 versions prior to 18.2R1-S5, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R1-S4, 18.3R2, 18.3R3; 18.4 versions prior to 18.4R1-S2, 18.4R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410 Insufficient Resource Pool",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-09T19:26:17",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.juniper.net/JSA10954"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 18.1R2-S4, 18.1R3-S5, 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2, 19.1R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10954",
        "defect": [
          "1418955"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS: MX Series: An MPC10 Denial of Service (DoS) due to OSPF states transitioning to Down, causes traffic to stop forwarding through the device.",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
          "ID": "CVE-2019-0056",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: MX Series: An MPC10 Denial of Service (DoS) due to OSPF states transitioning to Down, causes traffic to stop forwarding through the device."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "MX480, MX960, MX2008, MX2010, MX2020",
                            "version_affected": "\u003c",
                            "version_name": "18.1",
                            "version_value": "18.1R2-S4, 18.1R3-S5"
                          },
                          {
                            "platform": "MX480, MX960, MX2008, MX2010, MX2020",
                            "version_affected": "\u003c",
                            "version_name": "18.2",
                            "version_value": "18.2R1-S5, 18.2R2-S3, 18.2R3"
                          },
                          {
                            "platform": "MX480, MX960, MX2008, MX2010, MX2020",
                            "version_affected": "\u003c",
                            "version_name": "18.2X75",
                            "version_value": "18.2X75-D50"
                          },
                          {
                            "platform": "MX480, MX960, MX2008, MX2010, MX2020",
                            "version_affected": "\u003c",
                            "version_name": "18.3",
                            "version_value": "18.3R1-S4, 18.3R2, 18.3R3"
                          },
                          {
                            "platform": "MX480, MX960, MX2008, MX2010, MX2020",
                            "version_affected": "\u003c",
                            "version_name": "18.4",
                            "version_value": "18.4R1-S2, 18.4R2"
                          },
                          {
                            "platform": "MX480, MX960, MX2008, MX2010, MX2020",
                            "version_affected": "\u003e=",
                            "version_name": "18.1X75",
                            "version_value": "18.1X75-D10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "OSPF configuration examples can be found at https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ospf-configuring-interfaces.html#jd0e229"
          },
          {
            "lang": "en",
            "value": "You can issue show chassis at the device to determine if there are multiple MCP10\u0027s in your system. For example:\n  root@device\u003e show chassis fpc pic-status\n  Slot 1   Online       MPC10E 3D MRATE-15xQSFPP\n  PIC 0 Online       MRATE-5xQSFPP\n  PIC 1 Online       MRATE-5xQSFPP\n  PIC 2 Online       MRATE-5xQSFPP\n  Slot 2   Online       MPC10E 3D MRATE-15xQSFPP\n  PIC 0 Online       MRATE-5xQSFPP\n  PIC 1 Online       MRATE-5xQSFPP\n  PIC 2 Online       MRATE-5xQSFPP\n  Slot 3   Online       MPC10E 3D MRATE-15xQSFPP\n  PIC 0 Online       MRATE-5xQSFPP\n  PIC 1 Online       MRATE-5xQSFPP\n  PIC 2 Online       MRATE-5xQSFPP"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "This issue only affects devices with three (3) or more MPC10\u0027s installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker to cause the device\u0027s Open Shortest Path First (OSPF) states to transition to Down, resulting in a Denial of Service (DoS) attack. This attack requires a relatively large number of specific Internet Mixed (IMIXed) types of genuine and valid IPv6 packets to be transferred by the attacker in a relatively short period of time, across three or more PFE\u0027s on the device at the same time. Continued receipt of the traffic sent by the attacker will continue to cause OSPF to remain in the Down starting state, or flap between other states and then again to Down, causing a persistent Denial of Service. This attack will affect all IPv4, and IPv6 traffic served by the OSPF routes once the OSPF states transition to Down. This issue affects: Juniper Networks Junos OS on MX480, MX960, MX2008, MX2010, MX2020: 18.1 versions prior to 18.1R2-S4, 18.1R3-S5; 18.1X75 version 18.1X75-D10 and later versions; 18.2 versions prior to 18.2R1-S5, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R1-S4, 18.3R2, 18.3R3; 18.4 versions prior to 18.4R1-S2, 18.4R2."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.6"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-410 Insufficient Resource Pool"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10954",
              "refsource": "MISC",
              "url": "https://kb.juniper.net/JSA10954"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 18.1R2-S4, 18.1R3-S5, 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2, 19.1R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10954",
          "defect": [
            "1418955"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "There are no known workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2019-0056",
    "datePublished": "2019-10-09T19:26:17.416951Z",
    "dateReserved": "2018-10-11T00:00:00",
    "dateUpdated": "2024-09-16T18:29:55.944Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-13921 (GCVE-0-2019-13921)
Vulnerability from cvelistv5
Published
2019-10-10 13:49
Modified
2024-08-05 00:05
Severity ?
CWE
  • CWE-410 - Insufficient Resource Pool
Summary
A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software.
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC WinAC RTX (F) 2010 Version: All versions < SP3 Update 1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:05:44.060Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-878278.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC WinAC RTX (F) 2010",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c SP3 Update 1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions \u003c SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410: Insufficient Resource Pool",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-16T15:35:24",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-878278.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-13921",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC WinAC RTX (F) 2010",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c SP3 Update 1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions \u003c SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-410: Insufficient Resource Pool"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-878278.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-878278.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-13921",
    "datePublished": "2019-10-10T13:49:24",
    "dateReserved": "2019-07-18T00:00:00",
    "dateUpdated": "2024-08-05T00:05:44.060Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-1615 (GCVE-0-2021-1615)
Vulnerability from cvelistv5
Published
2021-09-23 02:30
Modified
2024-11-07 21:51
CWE
Summary
A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC) Software for Catalyst Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected AP. This vulnerability is due to insufficient buffer allocation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to exhaust available resources and cause a DoS condition on an affected AP, as well as a DoS condition for client traffic traversing the AP.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:18:10.808Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210922 Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewc-dos-g6JruHRT"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1615",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:47:23.605565Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:51:48.650Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC) Software for Catalyst Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected AP. This vulnerability is due to insufficient buffer allocation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to exhaust available resources and cause a DoS condition on an affected AP, as well as a DoS condition for client traffic traversing the AP."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-23T02:30:45",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210922 Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewc-dos-g6JruHRT"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxe-ewc-dos-g6JruHRT",
        "defect": [
          [
            "CSCvy04449"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-22T16:00:00",
          "ID": "CVE-2021-1615",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XE Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC) Software for Catalyst Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected AP. This vulnerability is due to insufficient buffer allocation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to exhaust available resources and cause a DoS condition on an affected AP, as well as a DoS condition for client traffic traversing the AP."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-410"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210922 Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ewc-dos-g6JruHRT"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxe-ewc-dos-g6JruHRT",
          "defect": [
            [
              "CSCvy04449"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1615",
    "datePublished": "2021-09-23T02:30:45.294570Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-07T21:51:48.650Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-2048 (GCVE-0-2022-2048)
Vulnerability from cvelistv5
Published
2022-07-07 20:35
Modified
2024-08-03 00:24
Summary
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
Impacted products
Vendor Product Version
The Eclipse Foundation Eclipse Jetty Version: 9.4.0   < unspecified
Version: unspecified   <
Version: 10.0.0   < unspecified
Version: unspecified   <
Version: 11.0.0   < unspecified
Version: unspecified   <
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:24:43.964Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
          },
          {
            "name": "DSA-5198",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5198"
          },
          {
            "name": "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220901-0006/"
          },
          {
            "name": "[oss-security] 20220909 Vulnerability in Jenkins",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/09/09/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Eclipse Jetty",
          "vendor": "The Eclipse Foundation",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "9.4.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.4.46",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "10.0.9",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "11.0.9",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-664",
              "description": "CWE-664",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-09T14:06:11",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
        },
        {
          "name": "DSA-5198",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5198"
        },
        {
          "name": "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20220901-0006/"
        },
        {
          "name": "[oss-security] 20220909 Vulnerability in Jenkins",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/09/09/2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@eclipse.org",
          "ID": "CVE-2022-2048",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Eclipse Jetty",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_value": "9.4.0"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_value": "9.4.46"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "10.0.0"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_value": "10.0.9"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "11.0.0"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_value": "11.0.9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "The Eclipse Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-410"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-664"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
              "refsource": "CONFIRM",
              "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
            },
            {
              "name": "DSA-5198",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5198"
            },
            {
              "name": "[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220901-0006/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20220901-0006/"
            },
            {
              "name": "[oss-security] 20220909 Vulnerability in Jenkins",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/09/09/2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2022-2048",
    "datePublished": "2022-07-07T20:35:09",
    "dateReserved": "2022-06-09T00:00:00",
    "dateUpdated": "2024-08-03T00:24:43.964Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20937 (GCVE-0-2022-20937)
Vulnerability from cvelistv5
Published
2022-11-03 19:31
Modified
2024-08-03 02:31
CWE
  • CWE-410 - Insufficient Resource Pool
Summary
A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to insufficient management of system resources. An attacker could exploit this vulnerability by taking actions that cause Cisco ISE Software to receive specific RADIUS traffic. A successful and sustained exploit of this vulnerability could allow the attacker to cause reduced performance of the affected device, resulting in significant delays to RADIUS authentications. There are workarounds that address this vulnerability.
Impacted products
Vendor Product Version
Cisco Cisco Identity Services Engine Software Version: 2.6.0
Version: 2.6.0 p1
Version: 2.6.0 p2
Version: 2.6.0 p3
Version: 2.6.0 p5
Version: 2.6.0 p6
Version: 2.6.0 p7
Version: 2.6.0 p8
Version: 2.6.0 p9
Version: 2.6.0 p10
Version: 2.6.0 p11
Version: 2.6.0 p12
Version: 2.7.0
Version: 2.7.0 p1
Version: 2.7.0 p2
Version: 2.7.0 p3
Version: 2.7.0 p4
Version: 2.7.0 p5
Version: 2.7.0 p6
Version: 2.7.0 p7
Version: 3.0.0
Version: 3.0.0 p1
Version: 3.0.0 p2
Version: 3.0.0 p3
Version: 3.0.0 p4
Version: 3.0.0 p5
Version: 3.1.0
Version: 3.1.0 p1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:58.639Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-ise-sec-atk-dos-zw5RCUYp",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-sec-atk-dos-zw5RCUYp"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Identity Services Engine Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.0"
            },
            {
              "status": "affected",
              "version": "2.6.0 p1"
            },
            {
              "status": "affected",
              "version": "2.6.0 p2"
            },
            {
              "status": "affected",
              "version": "2.6.0 p3"
            },
            {
              "status": "affected",
              "version": "2.6.0 p5"
            },
            {
              "status": "affected",
              "version": "2.6.0 p6"
            },
            {
              "status": "affected",
              "version": "2.6.0 p7"
            },
            {
              "status": "affected",
              "version": "2.6.0 p8"
            },
            {
              "status": "affected",
              "version": "2.6.0 p9"
            },
            {
              "status": "affected",
              "version": "2.6.0 p10"
            },
            {
              "status": "affected",
              "version": "2.6.0 p11"
            },
            {
              "status": "affected",
              "version": "2.6.0 p12"
            },
            {
              "status": "affected",
              "version": "2.7.0"
            },
            {
              "status": "affected",
              "version": "2.7.0 p1"
            },
            {
              "status": "affected",
              "version": "2.7.0 p2"
            },
            {
              "status": "affected",
              "version": "2.7.0 p3"
            },
            {
              "status": "affected",
              "version": "2.7.0 p4"
            },
            {
              "status": "affected",
              "version": "2.7.0 p5"
            },
            {
              "status": "affected",
              "version": "2.7.0 p6"
            },
            {
              "status": "affected",
              "version": "2.7.0 p7"
            },
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.0.0 p1"
            },
            {
              "status": "affected",
              "version": "3.0.0 p2"
            },
            {
              "status": "affected",
              "version": "3.0.0 p3"
            },
            {
              "status": "affected",
              "version": "3.0.0 p4"
            },
            {
              "status": "affected",
              "version": "3.0.0 p5"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.1.0 p1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device.\r\n\r This vulnerability is due to insufficient management of system resources. An attacker could exploit this vulnerability by taking actions that cause Cisco ISE Software to receive specific RADIUS traffic. A successful and sustained exploit of this vulnerability could allow the attacker to cause reduced performance of the affected device, resulting in significant delays to RADIUS authentications.\r\n\r   There are workarounds that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "Insufficient Resource Pool",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:17.112Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ise-sec-atk-dos-zw5RCUYp",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-sec-atk-dos-zw5RCUYp"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ise-sec-atk-dos-zw5RCUYp",
        "defects": [
          "CSCvz99311"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20937",
    "datePublished": "2022-11-03T19:31:40.471Z",
    "dateReserved": "2021-11-02T13:28:29.192Z",
    "dateUpdated": "2024-08-03T02:31:58.639Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-22191 (GCVE-0-2022-22191)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-16 18:08
CWE
  • CWE-410 - Insufficient Resource Pool
  • Denial of Service (DoS)
Summary
A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. After the restart, transit traffic will be temporarily interrupted until the PFE is reprogrammed. In a virtual chassis (VC), the impacted Flexible PIC Concentrator (FPC) may split from the VC temporarily, and join back into the VC once the PFE restarts. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on the EX4300: All versions prior to 15.1R7-S12; 18.4 versions prior to 18.4R2-S10, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S9, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2.
References
https://kb.juniper.net/JSA69502 x_refsource_CONFIRM
Impacted products
Vendor Product Version
Juniper Networks Junos OS Version: unspecified   < 15.1R7-S12
Version: 18.4   < 18.4R2-S10, 18.4R3-S11
Version: 19.1   < 19.1R3-S8
Version: 19.2   < 19.2R1-S9, 19.2R3-S4
Version: 19.3   < 19.3R3-S5
Version: 19.4   < 19.4R2-S6, 19.4R3-S7
Version: 20.1   < 20.1R3-S3
Version: 20.2   < 20.2R3-S3
Version: 20.3   < 20.3R3-S2
Version: 20.4   < 20.4R3-S1
Version: 21.1   < 21.1R3
Version: 21.2   < 21.2R2-S1, 21.2R3
Version: 21.3   < 21.3R1-S2, 21.3R2
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:07:49.815Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA69502"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "EX4300"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1R7-S12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "18.4R2-S10, 18.4R3-S11",
              "status": "affected",
              "version": "18.4",
              "versionType": "custom"
            },
            {
              "lessThan": "19.1R3-S8",
              "status": "affected",
              "version": "19.1",
              "versionType": "custom"
            },
            {
              "lessThan": "19.2R1-S9, 19.2R3-S4",
              "status": "affected",
              "version": "19.2",
              "versionType": "custom"
            },
            {
              "lessThan": "19.3R3-S5",
              "status": "affected",
              "version": "19.3",
              "versionType": "custom"
            },
            {
              "lessThan": "19.4R2-S6, 19.4R3-S7",
              "status": "affected",
              "version": "19.4",
              "versionType": "custom"
            },
            {
              "lessThan": "20.1R3-S3",
              "status": "affected",
              "version": "20.1",
              "versionType": "custom"
            },
            {
              "lessThan": "20.2R3-S3",
              "status": "affected",
              "version": "20.2",
              "versionType": "custom"
            },
            {
              "lessThan": "20.3R3-S2",
              "status": "affected",
              "version": "20.3",
              "versionType": "custom"
            },
            {
              "lessThan": "20.4R3-S1",
              "status": "affected",
              "version": "20.4",
              "versionType": "custom"
            },
            {
              "lessThan": "21.1R3",
              "status": "affected",
              "version": "21.1",
              "versionType": "custom"
            },
            {
              "lessThan": "21.2R2-S1, 21.2R3",
              "status": "affected",
              "version": "21.2",
              "versionType": "custom"
            },
            {
              "lessThan": "21.3R1-S2, 21.3R2",
              "status": "affected",
              "version": "21.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-04-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. After the restart, transit traffic will be temporarily interrupted until the PFE is reprogrammed. In a virtual chassis (VC), the impacted Flexible PIC Concentrator (FPC) may split from the VC temporarily, and join back into the VC once the PFE restarts. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on the EX4300: All versions prior to 15.1R7-S12; 18.4 versions prior to 18.4R2-S10, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S9, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410 Insufficient Resource Pool",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-14T15:50:52",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA69502"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: Junos OS 15.1R7-S12, 18.4R2-S10, 18.4R3-S11, 19.1R3-S8, 19.2R1-S9, 19.2R3-S4, 19.3R3-S5, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R2-S1, 21.2R3, 21.3R1-S2, 21.3R2, 21.4R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA69502",
        "defect": [
          "1613275"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS: EX4300: PFE Denial of Service (DoS) upon receipt of a flood of specific ARP traffic",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no viable workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
          "ID": "CVE-2022-22191",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: EX4300: PFE Denial of Service (DoS) upon receipt of a flood of specific ARP traffic"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_value": "15.1R7-S12"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "18.4",
                            "version_value": "18.4R2-S10, 18.4R3-S11"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "19.1",
                            "version_value": "19.1R3-S8"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "19.2",
                            "version_value": "19.2R1-S9, 19.2R3-S4"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "19.3",
                            "version_value": "19.3R3-S5"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "19.4",
                            "version_value": "19.4R2-S6, 19.4R3-S7"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "20.1",
                            "version_value": "20.1R3-S3"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "20.2",
                            "version_value": "20.2R3-S3"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "20.3",
                            "version_value": "20.3R3-S2"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "20.4",
                            "version_value": "20.4R3-S1"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "21.1",
                            "version_value": "21.1R3"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "21.2",
                            "version_value": "21.2R2-S1, 21.2R3"
                          },
                          {
                            "platform": "EX4300",
                            "version_affected": "\u003c",
                            "version_name": "21.3",
                            "version_value": "21.3R1-S2, 21.3R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. After the restart, transit traffic will be temporarily interrupted until the PFE is reprogrammed. In a virtual chassis (VC), the impacted Flexible PIC Concentrator (FPC) may split from the VC temporarily, and join back into the VC once the PFE restarts. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on the EX4300: All versions prior to 15.1R7-S12; 18.4 versions prior to 18.4R2-S10, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S9, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-410 Insufficient Resource Pool"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service (DoS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA69502",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA69502"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: Junos OS 15.1R7-S12, 18.4R2-S10, 18.4R3-S11, 19.1R3-S8, 19.2R1-S9, 19.2R3-S4, 19.3R3-S5, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R2-S1, 21.2R3, 21.3R1-S2, 21.3R2, 21.4R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA69502",
          "defect": [
            "1613275"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "There are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2022-22191",
    "datePublished": "2022-04-14T15:50:52.290745Z",
    "dateReserved": "2021-12-21T00:00:00",
    "dateUpdated": "2024-09-16T18:08:39.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-40224 (GCVE-0-2022-40224)
Vulnerability from cvelistv5
Published
2023-02-07 16:52
Modified
2025-03-05 19:27
CWE
  • CWE-410 - Insufficient Resource Pool
Summary
A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:14:40.040Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1618"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1618",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1618"
          },
          {
            "name": "https://www.moxa.com/en/support/product-support/security-advisory/sds-3008-series-multiple-web-vulnerabilities",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.moxa.com/en/support/product-support/security-advisory/sds-3008-series-multiple-web-vulnerabilities"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-40224",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-05T18:43:09.372564Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-05T19:27:11.797Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SDS-3008 Series Industrial Ethernet Switch",
          "vendor": "Moxa",
          "versions": [
            {
              "status": "affected",
              "version": "2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410: Insufficient Resource Pool",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-07T16:52:03.607Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1618",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1618"
        },
        {
          "name": "https://www.moxa.com/en/support/product-support/security-advisory/sds-3008-series-multiple-web-vulnerabilities",
          "url": "https://www.moxa.com/en/support/product-support/security-advisory/sds-3008-series-multiple-web-vulnerabilities"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2022-40224",
    "datePublished": "2023-02-07T16:52:03.607Z",
    "dateReserved": "2022-09-21T17:34:10.101Z",
    "dateUpdated": "2025-03-05T19:27:11.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-46679 (GCVE-0-2022-46679)
Vulnerability from cvelistv5
Published
2023-02-01 05:33
Modified
2025-03-26 18:53
CWE
  • CWE-410 - Insufficient Resource Pool
Summary
Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
Impacted products
Vendor Product Version
Dell PowerScale OneFS Version: 8.2.x;9.0.0.x   <
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:39:38.816Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000206927/dsa-2022-323-dell-emc-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-46679",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-26T18:53:12.012327Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-26T18:53:18.852Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PowerScale OneFS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThanOrEqual": "9.4.0.x",
              "status": "affected",
              "version": "8.2.x;9.0.0.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-12-22T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cdiv\u003e\u003cdiv\u003eDell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.\u003c/div\u003e\u003c/div\u003e\n\n"
            }
          ],
          "value": "\nDell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.\n\n\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410: Insufficient Resource Pool",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-01T05:33:26.974Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000206927/dsa-2022-323-dell-emc-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2022-46679",
    "datePublished": "2023-02-01T05:33:26.974Z",
    "dateReserved": "2022-12-06T21:50:27.435Z",
    "dateUpdated": "2025-03-26T18:53:18.852Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-38505 (GCVE-0-2023-38505)
Vulnerability from cvelistv5
Published
2023-07-27 18:49
Modified
2024-10-10 16:07
CWE
  • CWE-410 - Insufficient Resource Pool
  • CWE-412 - Unrestricted Externally Accessible Lock
Summary
DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS mode, it will assume that it should be waiting for a handshake, and will stay this way indefinitely until a handshake starts or some error occurs. In version 0.6.1, this can be exploited by simply not starting the handshake, preventing any other TLS handshakes from getting through. An attacker can lock the dashboard in a state where it is waiting for a TLS handshake from the attacker, who won't provide it. This prevents any legitimate traffic from getting to the dashboard, and can last indefinitely. Version 0.6.2 has a patch for this issue. As a workaround, do not use HTTPS mode on the open internet where anyone can connect. Instead, put a reverse proxy in front of the dashboard, and have it handle any HTTPS connections.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:46:55.177Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/ravenclaw900/DietPi-Dashboard/security/advisories/GHSA-3jr4-9rxf-fr44",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ravenclaw900/DietPi-Dashboard/security/advisories/GHSA-3jr4-9rxf-fr44"
          },
          {
            "name": "https://github.com/ravenclaw900/DietPi-Dashboard/pull/606",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ravenclaw900/DietPi-Dashboard/pull/606"
          },
          {
            "name": "https://github.com/ravenclaw900/DietPi-Dashboard/commit/79cd78615d28f577454415e4baafe4dcd9d09666",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ravenclaw900/DietPi-Dashboard/commit/79cd78615d28f577454415e4baafe4dcd9d09666"
          },
          {
            "name": "https://asciinema.org/a/8nRKbdf7AkPLmP3QxFZUSmPwp?t=7",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://asciinema.org/a/8nRKbdf7AkPLmP3QxFZUSmPwp?t=7"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:dietpi-dashboard_project:dietpi-dashboard:0.6.1:*:*:*:*:rust:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "dietpi-dashboard",
            "vendor": "dietpi-dashboard_project",
            "versions": [
              {
                "status": "affected",
                "version": "0.6.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-38505",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-10T15:38:46.675046Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-10T16:07:41.956Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DietPi-Dashboard",
          "vendor": "ravenclaw900",
          "versions": [
            {
              "status": "affected",
              "version": "= 0.6.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS mode, it will assume that it should be waiting for a handshake, and will stay this way indefinitely until a handshake starts or some error occurs. In version 0.6.1, this can be exploited by simply not starting the handshake, preventing any other TLS handshakes from getting through. An attacker can lock the dashboard in a state where it is waiting for a TLS handshake from the attacker, who won\u0027t provide it. This prevents any legitimate traffic from getting to the dashboard, and can last indefinitely. Version 0.6.2 has a patch for this issue. As a workaround, do not use HTTPS mode on the open internet where anyone can connect. Instead, put a reverse proxy in front of the dashboard, and have it handle any HTTPS connections."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-410",
              "description": "CWE-410: Insufficient Resource Pool",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-412",
              "description": "CWE-412: Unrestricted Externally Accessible Lock",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-27T18:49:29.182Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/ravenclaw900/DietPi-Dashboard/security/advisories/GHSA-3jr4-9rxf-fr44",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ravenclaw900/DietPi-Dashboard/security/advisories/GHSA-3jr4-9rxf-fr44"
        },
        {
          "name": "https://github.com/ravenclaw900/DietPi-Dashboard/pull/606",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ravenclaw900/DietPi-Dashboard/pull/606"
        },
        {
          "name": "https://github.com/ravenclaw900/DietPi-Dashboard/commit/79cd78615d28f577454415e4baafe4dcd9d09666",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ravenclaw900/DietPi-Dashboard/commit/79cd78615d28f577454415e4baafe4dcd9d09666"
        },
        {
          "name": "https://asciinema.org/a/8nRKbdf7AkPLmP3QxFZUSmPwp?t=7",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://asciinema.org/a/8nRKbdf7AkPLmP3QxFZUSmPwp?t=7"
        }
      ],
      "source": {
        "advisory": "GHSA-3jr4-9rxf-fr44",
        "discovery": "UNKNOWN"
      },
      "title": "DietPi-Dashboard Insufficient TLS Handshake Pool"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-38505",
    "datePublished": "2023-07-27T18:49:29.182Z",
    "dateReserved": "2023-07-18T16:28:12.077Z",
    "dateUpdated": "2024-10-10T16:07:41.956Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation

Phase: Architecture and Design

Description:

  • Do not perform resource-intensive transactions for unauthenticated users and/or invalid requests.
Mitigation

Phase: Architecture and Design

Description:

  • Consider implementing a velocity check mechanism which would detect abusive behavior.
Mitigation

Phase: Operation

Description:

  • Consider load balancing as an option to handle heavy loads.
Mitigation

Phase: Implementation

Description:

  • Make sure that resource handles are properly closed when no longer needed.
Mitigation

Phase: Architecture and Design

Description:

  • Identify the system's resource intensive operations and consider protecting them from abuse (e.g. malicious automated script which runs the resources out).

No CAPEC attack patterns related to this CWE.

Back to CWE stats page