IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-290,CWE-290,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | nx-os | 7.1(0)n1(1) |
| cisco | nx-os | 6.0(2)u2(4) |
| cisco | nx-os | 5.2(1)n1(5) |
| cisco | nx-os | 6.0(2)u5(1) |
| cisco | nx-os | 7.3(0)d1(1) |
| cisco | nx-os | 5.2(1)sk3(2.1a) |
| cisco | nx-os | 6.2(22) |
| cisco | nx-os | 6.0(2)u2(1) |
| cisco | nx-os | 5.2(1)n1(9) |
| cisco | nx-os | 7.3(2)n1(1b) |
| cisco | nx-os | 6.0(2)u2(6) |
| cisco | nx-os | 5.2(1)sv3(4.1) |
| cisco | nx-os | 6.0(2)n1(1a) |
| cisco | nx-os | 7.3(7)n1(1a) |
| cisco | nx-os | 6.0(2)u1(1) |
| cisco | nx-os | 6.1(2)i1(2) |
| cisco | nx-os | 6.2(6b) |
| cisco | nx-os | 6.0(2)a1(1f) |
| cisco | nx-os | 7.0(8)n1(1a) |
| cisco | nx-os | 5.0(3)u5(1f) |
| treck | tcp/ip | * |
| cisco | nx-os | 6.0(2)a4(5) |
| cisco | nx-os | 7.0(3)i1(1b) |
| cisco | nx-os | 6.1(2)i3(3a) |
| cisco | nx-os | 7.3(0)dx(1) |
| cisco | nx-os | 7.1(3)n1(2a) |
| cisco | nx-os | 5.0(3)u1(1b) |
| hp | x3220nr_firmware | * |
| cisco | nx-os | 7.1(3)n1(4) |
| cisco | nx-os | 7.3(0)n1(1b) |
| cisco | nx-os | 7.3(1)d1(1) |
| cisco | nx-os | 6.0(2)a3(1) |
| cisco | nx-os | 6.2(20) |
| cisco | nx-os | 6.0(2)u1(1a) |
| cisco | nx-os | 5.2(1)n1(1) |
| cisco | nx-os | 5.2(1)sm1(5.2a) |
| cisco | nx-os | 6.1(2)i2(1) |
| cisco | nx-os | 6.0(2)a3(2) |
| cisco | nx-os | 7.1(1)n1(1a) |
| cisco | nx-os | 6.1(2)i1(3) |
| cisco | nx-os | 7.2(2)d1(2) |
| cisco | nx-os | 7.1(2)n1(1) |
| cisco | nx-os | 5.2(1)sv3(4.1b) |
| cisco | nx-os | 7.0(5)n1(1) |
| cisco | nx-os | 6.0(2)a1(1b) |
| cisco | nx-os | 7.1(3)n1(2) |
| cisco | nx-os | 5.2(1)n1(9b) |
| cisco | nx-os | 6.2(14a) |
| cisco | nx-os | 7.3(4)n1(1a) |
| cisco | nx-os | 5.0(3)u3(2a) |
| cisco | nx-os | 6.2(24) |
| cisco | nx-os | 7.2(1)n1(1) |
| cisco | nx-os | 7.0(4)n1(1) |
| cisco | nx-os | 5.2(1)sm3(1.1a) |
| cisco | nx-os | 5.2(1)sv3(2.5) |
| cisco | nx-os | 7.1(3)n1(1) |
| cisco | nx-os | 5.0(3)u1(2a) |
| cisco | nx-os | 7.0(3)n1(1) |
| cisco | nx-os | 5.2(1)n1(3) |
| cisco | nx-os | 6.2(10) |
| cisco | nx-os | 7.2(2)d1(3) |
| cisco | nx-os | 5.2(7) |
| cisco | nx-os | 7.3(5)d1(1) |
| cisco | nx-os | 6.2(14b) |
| cisco | nx-os | 5.2(1)sv3(3.1) |
| cisco | nx-os | 5.2(1)sv3(4.1a) |
| cisco | nx-os | 6.1(2)i3(3) |
| cisco | nx-os | 5.2(1)sv3(2.8) |
| cisco | nx-os | 6.0(2)u4(2) |
| cisco | nx-os | 6.2(20a) |
| cisco | nx-os | 6.2(12) |
| cisco | nx-os | 5.2(1)sm3(1.1b) |
| cisco | nx-os | 6.0(2)u4(1) |
| cisco | nx-os | 5.2(1)sv3(1.1) |
| cisco | nx-os | 6.0(2)n2(3) |
| cisco | nx-os | 7.0(6)n1(1) |
| cisco | nx-os | 6.0(2)a4(3) |
| cisco | nx-os | 7.3(0)n1(1) |
| cisco | nx-os | 5.0(3)u2(2c) |
| cisco | nx-os | 5.0(3)u5(1g) |
| cisco | nx-os | 5.0(3)u2(2) |
| cisco | nx-os | 5.2(1)sv3(1.5a) |
| cisco | nx-os | 7.0(4)n1(1a) |
| cisco | nx-os | 5.0(3)u2(2a) |
| cisco | nx-os | 6.2(8b) |
| cisco | nx-os | 5.2(9) |
| cisco | nx-os | 7.3(5)n1(1) |
| cisco | nx-os | 7.0(7)n1(1b) |
| cisco | nx-os | 6.2(16) |
| cisco | nx-os | 5.2(5) |
| cisco | nx-os | 7.3(2)n1(1c) |
| cisco | nx-os | 6.0(2)a3(4) |
| cisco | nx-os | 5.2(3) |
| cisco | nx-os | 7.3(7)n1(1) |
| cisco | nx-os | 7.0(8)n1(1) |
| cisco | nx-os | 6.0(2)a1(1c) |
| cisco | nx-os | 5.2(1)sm1(5.2b) |
| cisco | nx-os | 5.2(1)sm3(2.1) |
| cisco | nx-os | 6.1(2)i2(3) |
| cisco | nx-os | 7.0(6)n1(2s) |
| cisco | nx-os | 7.1(4)n1(1d) |
| cisco | nx-os | 5.2(1)n1(6) |
| cisco | nx-os | 6.0(2)u2(4.92.4z) |
| cisco | nx-os | 6.0(2)n2(2) |
| cisco | nx-os | 7.3(6)d1(1) |
| cisco | nx-os | 5.2(1)sm3(1.1) |
| cisco | nx-os | 5.0(3)a1(2a) |
| cisco | nx-os | 7.1(0)n1(1b) |
| cisco | nx-os | 7.1(2)n1(1a) |
| cisco | nx-os | 5.2(1)sv3(3.15) |
| cisco | nx-os | 7.1(5)n1(1) |
| cisco | nx-os | 6.1(2)i3(2) |
| cisco | nx-os | 5.2(1)n1(2) |
| digi | saros | * |
| cisco | nx-os | 5.0(3)u5(1b) |
| cisco | nx-os | 6.0(2)a4(4) |
| cisco | nx-os | 7.3(2)n1(1) |
| cisco | nx-os | 5.2(1)sm3(1.1c) |
| cisco | nx-os | 6.0(2)n2(5a) |
| cisco | nx-os | 6.0(2)u3(3) |
| cisco | nx-os | 7.1(1)n1(1) |
| cisco | nx-os | 5.0(3)u2(2d) |
| cisco | nx-os | 5.2(1)sk3(2.2b) |
| cisco | nx-os | 5.2(1)sv3(1.5b) |
| cisco | nx-os | 6.2(18) |
| cisco | nx-os | 5.2(1)sk3(1.1) |
| cisco | nx-os | 7.0(6)n1(3s) |
| cisco | nx-os | 7.3(2)d1(2) |
| cisco | nx-os | 6.0(2)a1(2d) |
| cisco | nx-os | 7.3(3)n1(1) |
| cisco | nx-os | 6.1(2)i3(1) |
| cisco | nx-os | 5.0(3)u1(1d) |
| cisco | nx-os | 6.1(2)i2(2) |
| cisco | nx-os | 7.0(3)i1(1a) |
| cisco | nx-os | 5.0(3)u3(2) |
| cisco | nx-os | 5.2(1)n1(2a) |
| cisco | nx-os | 7.3(2)d1(1d) |
| cisco | nx-os | 7.3(6)n1(1) |
| cisco | nx-os | 6.0(2)n1(2) |
| cisco | ucs_manager | 3.2(3n)a |
| cisco | nx-os | 7.3(4)d1(1) |
| cisco | nx-os | 5.0(3)u5(1c) |
| cisco | nx-os | 5.0(3)u5(1) |
| cisco | nx-os | 6.0(2)u3(8) |
| cisco | nx-os | 6.0(2)u2(3) |
| cisco | nx-os | 6.2(6) |
| cisco | nx-os | 6.2(14) |
| cisco | nx-os | 7.3(2)d1(1) |
| cisco | nx-os | 6.1(2)i2(2a) |
| cisco | nx-os | 7.1(4)n1(1) |
| cisco | nx-os | 5.0(3)u1(1c) |
| cisco | nx-os | 6.1(2)i2(2b) |
| cisco | nx-os | 5.0(3)u5(1i) |
| cisco | nx-os | 7.1(4)n1(1c) |
| cisco | nx-os | 5.2(1)sv5(1.2) |
| cisco | nx-os | 5.2(1)n1(9a) |
| cisco | nx-os | 7.3(6)n1(1a) |
| cisco | nx-os | 7.3(4)n1(1) |
| cisco | unified_computing_system | - |
| cisco | nx-os | 6.0(2)u3(6) |
| cisco | nx-os | 7.3(1)n1(1) |
| cisco | nx-os | 6.0(2)n1(2a) |
| cisco | nx-os | 7.0(1)n1(1) |
| cisco | nx-os | 6.2(8a) |
| cisco | nx-os | 7.1(5)n1(1b) |
| cisco | nx-os | 6.0(2)a1(1d) |
| cisco | nx-os | 6.0(2)n2(1b) |
| cisco | nx-os | 5.2(1)sm1(5.2c) |
| cisco | nx-os | 5.0(3)u5(1d) |
| cisco | nx-os | 7.0(3)i1(1) |
| cisco | nx-os | 5.0(3)u5(1j) |
| cisco | nx-os | 5.2(1)n1(1b) |
| cisco | nx-os | 5.2(1)sv3(1.10) |
| cisco | nx-os | 5.0(3)u2(2b) |
| cisco | nx-os | 5.0(3)u1(2) |
| cisco | nx-os | 6.0(2)n2(1) |
| cisco | nx-os | 5.2(1)n1(4) |
| cisco | nx-os | 5.2(1)sk3(2.1) |
| cisco | nx-os | 7.1(3)n1(3) |
| cisco | nx-os | 5.2(1)sm1(5.1) |
| cisco | nx-os | 5.0(3)a1(1) |
| cisco | nx-os | 7.1(0)n1(1a) |
| cisco | nx-os | 7.1(4)n1(1a) |
| cisco | nx-os | 7.0(3)i1(1z) |
| cisco | nx-os | 5.2(1)sv3(1.2) |
| cisco | nx-os | 6.2(2) |
| cisco | nx-os | 7.2(0)d1(1) |
| cisco | nx-os | 6.0(2)u2(2) |
| cisco | nx-os | 5.0(3)u5(1h) |
| cisco | nx-os | 5.0(3)u4(1) |
| cisco | nx-os | 7.0(6)n1(4s) |
| cisco | nx-os | 5.2(1)sv5(1.3) |
| cisco | nx-os | 6.0(2)u3(1) |
| cisco | nx-os | 6.0(2)u4(4) |
| cisco | nx-os | 5.2(1)sv3(2.1) |
| cisco | nx-os | 6.0(2)u3(9) |
| cisco | nx-os | 7.2(2)d1(1) |
| cisco | nx-os | 6.0(2)u1(3) |
| cisco | nx-os | 7.3(2)d1(3) |
| cisco | nx-os | 6.0(2)a4(1) |
| cisco | nx-os | 5.0(3)u5(1e) |
| cisco | nx-os | 5.2(1)sv3(1.15) |
| cisco | nx-os | 5.2(4) |
| cisco | nx-os | 6.0(2)n2(4) |
| cisco | nx-os | 6.0(2)u4(3) |
| cisco | nx-os | 5.2(3a) |
| cisco | nx-os | 6.0(2)u1(4) |
| cisco | nx-os | 5.2(9a) |
| cisco | nx-os | 6.0(2)a4(6) |
| cisco | nx-os | 5.0(3)u1(1) |
| cisco | nx-os | 6.0(2)u3(4) |
| cisco | nx-os | 6.0(2)u3(2) |
| cisco | nx-os | 6.0(2)u2(5) |
| cisco | nx-os | 6.0(2)n2(5) |
| cisco | nx-os | 6.2(8) |
| cisco | nx-os | 5.2(1)sv3(1.6) |
| cisco | nx-os | 6.0(2)a1(1e) |
| cisco | nx-os | 5.2(1)n1(8b) |
| cisco | nx-os | 7.0(7)n1(1a) |
| cisco | nx-os | 5.2(1)n1(8a) |
| cisco | nx-os | 6.2(2a) |
| cisco | nx-os | 7.0(0)n1(1) |
| cisco | nx-os | 5.0(3)u1(1a) |
| cisco | nx-os | 7.3(0)n1(1a) |
| cisco | nx-os | 5.2(1) |
| cisco | nx-os | 5.2(1)sk3(2.2) |
| cisco | nx-os | 7.0(5)n1(1a) |
| cisco | nx-os | 6.0(2)u1(2) |
| cisco | nx-os | 6.0(2)a1(1) |
| cisco | nx-os | 6.0(2)u3(7) |
| cisco | nx-os | 7.2(2)d1(4) |
| cisco | nx-os | 5.2(1)n1(7) |
| cisco | nx-os | 7.0(7)n1(1) |
| cisco | nx-os | 7.3(3)d1(1) |
| cisco | nx-os | 6.0(2)n2(5b) |
| cisco | nx-os | 6.0(2)u3(5) |
| cisco | nx-os | 5.2(1)sv5(1.1) |
| cisco | nx-os | 5.0(3)u5(1a) |
| cisco | nx-os | 5.0(3)a1(2) |
| cisco | nx-os | 6.0(2)n1(1) |
| cisco | nx-os | 7.0(2)n1(1) |
| cisco | nx-os | 6.0(2)n2(6) |
| cisco | nx-os | 5.2(1)n1(8) |
| cisco | nx-os | 6.0(2)a4(2) |
| cisco | nx-os | 5.2(1)sv3(1.4) |
| cisco | nx-os | 6.2(6a) |
| cisco | nx-os | 7.1(3)n1(5) |
| cisco | nx-os | 5.0(3)u3(2b) |
| cisco | nx-os | 5.2(1)sv3(1.3) |
| cisco | nx-os | 5.0(3)u3(1) |
| cisco | nx-os | 5.2(1)n1(1a) |
| cisco | nx-os | 7.2(1)d1(1) |
| cisco | nx-os | 6.0(2)n2(7) |
| cisco | nx-os | 6.0(2)a1(1a) |
| cisco | nx-os | 5.0(3)u2(1) |
| cisco | nx-os | 7.3(2)d1(3a) |
| cisco | nx-os | 5.2(1)sv3(1.4b) |
| cisco | nx-os | 5.2(1)sm1(5.2) |
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.8 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| dell | wyse_7030_firmware | - |
| dell | wyse_5030_firmware | - |
| dell | wyse_5050_all-in-one_firmware | - |
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-415,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 2.2 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,CWE-131,CWE-330,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-787,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.8 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-191,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.8 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-191,CWE-191,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve@mitre.org | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | tcp/ip | * |
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input validation in the IPv6 component when handling a packet sent by an unauthenticated remote attacker could result in an out-of-bounds read of up to three bytes via network access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| cve@mitre.org | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.2 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-125,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | ipv6 | * |
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the IPv6 component allows an unauthenticated remote attacker to cause an Out of Bounds Write, and possibly a Denial of Service via network access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,CWE-787,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | ipv6 | * |
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the DHCPv6 client component allows an unauthenticated remote attacker to cause an Out of Bounds Read, and possibly a Denial of Service via adjacent network access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.9 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H | 1.6 | 4.2 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H | 2.8 | 4.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| treck | ipv6 | * |