fkie_nvd - fkie_cve-2018-1111

fkie_cve-2018-1111

Vulnerability from fkie_nvd

Published

2018-05-17 16:29

Modified

2024-11-21 03:59

Severity ?

7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.

References

URL	Tags
secalert@redhat.com	http://www.securityfocus.com/bid/104195	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securitytracker.com/id/1040912	Third Party Advisory, VDB Entry
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1453	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1454	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1455	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1456	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1457	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1458	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1459	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1460	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1461	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2018:1524	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/security/vulnerabilities/3442151	Vendor Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111	Issue Tracking, Vendor Advisory
secalert@redhat.com	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/
secalert@redhat.com	https://www.exploit-db.com/exploits/44652/	Exploit, Third Party Advisory, VDB Entry
secalert@redhat.com	https://www.exploit-db.com/exploits/44890/	Exploit, Third Party Advisory, VDB Entry
secalert@redhat.com	https://www.tenable.com/security/tns-2018-10
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104195	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040912	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1453	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1454	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1455	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1456	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1457	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1458	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1459	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1460	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1461	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1524	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/security/vulnerabilities/3442151	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/44652/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/44890/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/tns-2018-10

Impacted products

Vendor	Product	Version
fedoraproject	fedora	26
fedoraproject	fedora	27
fedoraproject	fedora	28
redhat	enterprise_virtualization	4.0
redhat	enterprise_virtualization	4.2
redhat	enterprise_virtualization_host	4.0
redhat	enterprise_linux	6.0
redhat	enterprise_linux	6.4
redhat	enterprise_linux	6.5
redhat	enterprise_linux	6.6
redhat	enterprise_linux	6.7
redhat	enterprise_linux	7.0
redhat	enterprise_linux	7.2
redhat	enterprise_linux	7.3
redhat	enterprise_linux	7.4
redhat	enterprise_linux	7.5
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_workstation	6.0
redhat	enterprise_linux_workstation	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E4D8269-B407-4C24-AAB0-02F885C7D752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "12544770-1AF9-4DD3-BC72-579DA0BC0F3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76DA389E-C042-47E1-989C-0882E12DF35B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:enterprise_virtualization_host:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8286AD-7632-46C4-AD1E-653CABC4B95B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "905EC4D0-7604-476A-8176-9FFCEB1DC6B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "564DCCFD-77BF-4FB1-A0A0-96104B154282",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "467A831E-C63B-476F-A71F-8FB52556BC45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E4DC974-235F-4655-966F-2490A4C4E490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol."
    },
    {
      "lang": "es",
      "value": "Los paquetes DHCP en Red Hat Enterprise Linux 6 y 7, Fedora 28 y anteriores son vulnerables a un error de inyecci\u00f3n de comandos en el script de integraci\u00f3n NetworkManager incluido en el cliente DHCP. Un servidor DHCP malicioso o un atacante en la red ocal capaz de suplantar respuestas DHCP podr\u00eda emplear este error para ejecutar comandos arbitrarios con privilegios root en sistemas que emplean NetworkManager y se configuran para obtener la configuraci\u00f3n de red mediante el protocolo de configuraci\u00f3n din\u00e1mica de host (DHCP)."
    }
  ],
  "id": "CVE-2018-1111",
  "lastModified": "2024-11-21T03:59:12.207",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-05-17T16:29:00.217",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104195"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040912"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1453"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1454"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1455"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1456"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1457"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1458"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1459"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1460"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1461"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1524"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/security/vulnerabilities/3442151"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/44652/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/44890/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.tenable.com/security/tns-2018-10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104195"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1458"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1524"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://access.redhat.com/security/vulnerabilities/3442151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/44652/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/44890/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.tenable.com/security/tns-2018-10"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

CVE-2018-1111 (GCVE-0-2018-1111)

Vulnerability from cvelistv5

Published

2018-05-17 16:00

Modified

2024-08-05 03:51

Severity ?

7.5 (High) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-77

Summary

References

►

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111	x_refsource_CONFIRM
	https://www.tenable.com/security/tns-2018-10	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/	vendor-advisory, x_refsource_FEDORA
	https://access.redhat.com/security/vulnerabilities/3442151	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104195	vdb-entry, x_refsource_BID
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/	vendor-advisory, x_refsource_FEDORA
	http://www.securitytracker.com/id/1040912	vdb-entry, x_refsource_SECTRACK
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:1454	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1455	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1457	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1459	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1453	vendor-advisory, x_refsource_REDHAT
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/	vendor-advisory, x_refsource_FEDORA
	https://access.redhat.com/errata/RHSA-2018:1524	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1456	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1461	vendor-advisory, x_refsource_REDHAT
	https://www.exploit-db.com/exploits/44652/	exploit, x_refsource_EXPLOIT-DB
	https://www.exploit-db.com/exploits/44890/	exploit, x_refsource_EXPLOIT-DB
	https://access.redhat.com/errata/RHSA-2018:1458	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1460	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

►

Red Hat

dhcp

Version: Red Hat Enterprise Linux 6
Version: Red Hat Enterprise Linux 7

Fedora

dhcp

Version: Fedora 28

Show details on NVD website