CVE-2019-12259
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.
Affected (32)
Products: Windriver: Vxworks · Sonicwall: Sonicos · Siemens: Siprotec 5 Firmware, Ruggedcom Win7000 Firmware, Ruggedcom Win7025 Firmware, Ruggedcom Win7018 Firmware, Ruggedcom Win7200 Firmware, 9410 Power Meter Firmware, 9810 Power Meter Firmware · +1 more
Show all products
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 7.59 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 7.91 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 7.91 |
| Running on/with | Platform Versions |
|---|---|
Siemens Siprotec 5 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before bs5.2.461.17 |
| Running on/with | Platform Versions |
|---|---|
Siemens Ruggedcom Win7000 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before bs5.2.461.17 |
| Running on/with | Platform Versions |
|---|---|
Siemens Ruggedcom Win7025 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before bs5.2.461.17 |
| Running on/with | Platform Versions |
|---|---|
Siemens Ruggedcom Win7018 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before bs5.2.461.17 |
| Running on/with | Platform Versions |
|---|---|
Siemens Ruggedcom Win7200 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.2.1 |
| Running on/with | Platform Versions |
|---|---|
Siemens 9410 Power Meter | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.2.1 |
| Running on/with | Platform Versions |
|---|---|
Siemens 9810 Power Meter | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 07.0.07 |
| Running on/with | Platform Versions |
|---|---|
Belden Hirschmann Ees20 | All versions |
Belden Hirschmann Ees25 | All versions |
Belden Hirschmann Eesx20 | All versions |
Belden Hirschmann Eesx30 | All versions |
Belden Hirschmann Grs1020 | All versions |
Belden Hirschmann Grs1030 | All versions |
Belden Hirschmann Grs1042 | All versions |
Belden Hirschmann Grs1120 | All versions |
Belden Hirschmann Grs1130 | All versions |
Belden Hirschmann Grs1142 | All versions |
Belden Hirschmann Msp30 | All versions |
Belden Hirschmann Msp32 | All versions |
Belden Hirschmann Rail Switch Power Lite | All versions |
Belden Hirschmann Rail Switch Power Smart | All versions |
Belden Hirschmann Red25 | All versions |
Belden Hirschmann Rsp20 | All versions |
Belden Hirschmann Rsp25 | All versions |
Belden Hirschmann Rsp30 | All versions |
Belden Hirschmann Rsp35 | All versions |
Belden Hirschmann Rspe30 | All versions |
Belden Hirschmann Rspe32 | All versions |
Belden Hirschmann Rspe35 | All versions |
Belden Hirschmann Rspe37 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 07.5.01 |
| Running on/with | Platform Versions |
|---|---|
Belden Hirschmann Msp40 | All versions |
Belden Hirschmann Octopus Os3 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 07.2.04 |
| Running on/with | Platform Versions |
|---|---|
Belden Hirschmann Dragon Mach4000 | All versions |
Belden Hirschmann Dragon Mach4500 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 05.3.06 |
| Running on/with | Platform Versions |
|---|---|
Belden Hirschmann Eagle20 | All versions |
Belden Hirschmann Eagle30 | All versions |
Belden Hirschmann Eagle One | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.1_y7 |
| Running on/with | Platform Versions |
|---|---|
Belden Garrettcom Magnum Dx940e | All versions |
Related CWEs
References (18)
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Issue TrackingVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.