Vulnerability CVE-2017-11468

Vulnerability Name:

CVE-2017-11468 (CCN-129343)

Assigned:

2017-07-20

Published:

2017-07-20

Updated:

2023-01-20

Summary:

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2017-11468

Source: cve@mitre.org
Type: Broken Link
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: XF
Type: UNKNOWN
docker-registry-cve201711468-dos(129343)

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: CCN
Type: Docker Registry GIT Repository
Docker Registry v2.6.2

Source: cve@mitre.org
Type: Release Notes, Third Party Advisory
cve@mitre.org

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2017-11468

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201711468	V	CVE-2017-11468	2023-06-22
oval:org.opensuse.security:def:7852	P	distribution-registry-2.8.1-150400.9.18.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:112167	P	docker-distribution-registry-2.7.1-7.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105699	P	docker-distribution-registry-2.7.1-7.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:13874	P	libXi6-1.7.4-9.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14072	P	yast2-users-3.1.57-16.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13910	P	libidn-tools-1.28-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14096	P	binutils-2.26.1-9.12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14028	P	rsyslog-8.4.0-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14756	P	rpcbind-0.2.3-23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13827	P	gdm-3.10.0.1-52.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13891	P	libcgroup-tools-0.41.rc1-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14083	P	apache2-2.4.23-28.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14003	P	perl-Config-IniFiles-2.82-3.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14734	P	perl-XML-LibXML-2.0019-6.3.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13759	P	yast2-core-3.1.18-1.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13737	P	tftp-5.2-10.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13729	P	stunnel-5.00-3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:38127	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:38552	P	avahi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38377	P	libssh4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37737	P	autofs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39234	P	telepathy-idle on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37832	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38070	P	stunnel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38524	P	xorg-x11-libs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38217	P	hardlink on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38596	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38436	P	patch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37748	P	chrony on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39276	P	Security update for docker-distribution (Moderate)	2020-12-01
oval:org.opensuse.security:def:37969	P	libtag1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37736	P	augeas on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38485	P	squashfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:103046	P	Security update for docker-distribution (Moderate)	2020-09-15
oval:org.opensuse.security:def:109703	P	Security update for docker-distribution (Moderate)	2020-09-15
oval:org.opensuse.security:def:96356	P	Security update for docker-distribution (Moderate)	2020-09-15
oval:com.ubuntu.xenial:def:2017114680000000	V	CVE-2017-11468 on Ubuntu 16.04 LTS (xenial) - low.	2017-07-20
oval:com.ubuntu.artful:def:201711468000	V	CVE-2017-11468 on Ubuntu 17.10 (artful) - low.	2017-07-20
oval:com.ubuntu.disco:def:2017114680000000	V	CVE-2017-11468 on Ubuntu 19.04 (disco) - low.	2017-07-20
oval:com.ubuntu.bionic:def:201711468000	V	CVE-2017-11468 on Ubuntu 18.04 LTS (bionic) - low.	2017-07-20
oval:com.ubuntu.cosmic:def:2017114680000000	V	CVE-2017-11468 on Ubuntu 18.10 (cosmic) - low.	2017-07-20
oval:com.ubuntu.cosmic:def:201711468000	V	CVE-2017-11468 on Ubuntu 18.10 (cosmic) - low.	2017-07-20
oval:com.ubuntu.bionic:def:2017114680000000	V	CVE-2017-11468 on Ubuntu 18.04 LTS (bionic) - low.	2017-07-20
oval:com.ubuntu.xenial:def:201711468000	V	CVE-2017-11468 on Ubuntu 16.04 LTS (xenial) - low.	2017-07-20

BACK