PT-2019-4742 · Wind River · Vxworks

Publicado

2019-08-05

Atualizado

2022-06-16

CVE-2019-12264

CVSS v3.1

7.1

Alta

Vetor

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Name of the Vulnerable Software and Affected Versions Wind River VxWorks versions 6.6 through 6.9.4 Wind River VxWorks version 7

Description The issue is related to incorrect access control in IPv4 assignment by the ipdhcpc DHCP client component. This can allow an attacker to impact the integrity and availability of protected information.

Recommendations For Wind River VxWorks versions 6.6 through 6.9.4, consider restricting access to the ipdhcpc DHCP client component until a fix is available. For Wind River VxWorks version 7, consider restricting access to the ipdhcpc DHCP client component until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Argument Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-840CWE-88

Identificadores relacionados

BDU:2020-01294

CVE-2019-12264

Produtos afetados

Vxworks

PT-2019-4742 · Wind River · Vxworks

CVE-2019-12264

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12