Vulnerability Name:

CVE-2019-12258 (CCN-164434)

Assigned: 2019-07-29
Published: 2019-07-29
Updated: 2022-08-12
Summary: Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is an IPNET security vulnerability: DoS of TCP connection via malformed TCP options.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): None
Integrity (I): None
Availability (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): None
Integrity (I): None
Availability (A): High
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:
Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:
Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type: CWE-384
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2019-12258

Source: CCN
Type: ARMIS Web site
URGENT/11

Source: CONFIRM
Type: Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf

Source: CONFIRM
Type: Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf

Source: CONFIRM
Type: Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf

Source: XF
Type: UNKNOWN
windriver-cve201912258-dos(164434)

Source: CONFIRM
Type: Third Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20190802-0001/

Source: CONFIRM
Type: Third Party Advisory
https://support.f5.com/csp/article/K41190253

Source: CCN
Type: Wind River Web site
CVE-2019-12258

Source: MISC
Type: Vendor Advisory
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258

Source: MISC
Type: Issue Tracking, Vendor Advisory
https://support2.windriver.com/index.php?page=security-notices

Source: CONFIRM
Type: Vendor Advisory
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:windriver:vxworks:7.0:-:*:*:*:*:*:*
  • OR cpe:/o:windriver:vxworks:*:*:*:*:*:*:*:* (Version >= 6.5 and < 6.9.4.12)

  • Configuration 2:
  • cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.5.4.0. and <= 6.5.4.3)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.5.3.0 and <= 6.5.3.3)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.5.2.0 and <= 6.5.2.3)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.5.1.0 and <= 6.5.1.4)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.5.0.0 and <= 6.5.0.3)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.2.7.0 and <= 6.2.7.4)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.2.6.0 and <= 6.2.6.1)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.2.5.0 and <= 6.2.5.3)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.2.4.0 and <= 6.2.4.3)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.2.0.0 and <= 6.2.3.1)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 5.9.1.0. and <= 5.9.1.12)
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 5.9.0.0 and <= 5.9.0.7)
  • OR cpe:/o:sonicwall:sonicos:6.2.7.1:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:sonicos:6.2.7.7:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:sonicos:6.2.7.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 6.2.9.0 and <= 6.2.9.2)

  • Configuration 3:
  • cpe:/o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp200 (Version < 7.59)
  • AND
  • cpe:/h:siemens:siprotec_5:-:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* (Version >= 8.00 and <= 8.40.50.00)

  • Configuration 5:
  • cpe:/o:siemens:siprotec_5_firmware:*:*:*:*:*:*:*:cp300 (Version < 7.91)
  • AND
  • cpe:/h:siemens:siprotec_5:-:*:*:*:*:*:*:*

  • Configuration 6:
  • cpe:/o:siemens:power_meter_9410_firmware:*:*:*:*:*:*:*:* (Version < 2.2.1)
  • AND
  • cpe:/h:siemens:power_meter_9410:-:*:*:*:*:*:*:*

  • Configuration 7:
  • cpe:/o:siemens:power_meter_9810_firmware:*:*:*:*:*:*:*:*
  • AND
  • cpe:/h:siemens:power_meter_9810:-:*:*:*:*:*:*:*

  • Configuration 8:
  • cpe:/o:siemens:ruggedcom_win7000_firmware:*:*:*:*:*:*:*:* (Version < bs5.2.461.17)
  • AND
  • cpe:/h:siemens:ruggedcom_win7000:-:*:*:*:*:*:*:*

  • Configuration 9:
  • cpe:/o:siemens:ruggedcom_win7018_firmware:*:*:*:*:*:*:*:* (Version < bs5.2.461.17)
  • AND
  • cpe:/h:siemens:ruggedcom_win7018:-:*:*:*:*:*:*:*

  • Configuration 10:
  • cpe:/o:siemens:ruggedcom_win7025_firmware:*:*:*:*:*:*:*:* (Version < bs5.2.461.17)
  • AND
  • cpe:/h:siemens:ruggedcom_win7025:-:*:*:*:*:*:*:*

  • Configuration 11:
  • cpe:/o:siemens:ruggedcom_win7200_firmware:*:*:*:*:*:*:*:* (Version < bs5.2.461.17)
  • AND
  • cpe:/h:siemens:ruggedcom_win7200:-:*:*:*:*:*:*:*

  • Configuration 12:
  • cpe:/o:belden:hirschmann_hios:*:*:*:*:*:*:*:* (Version <= 07.0.07)
  • AND
  • cpe:/h:belden:hirschmann_rail_switch_power_lite:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rail_switch_power_smart:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_red25:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_grs1042:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_grs1142:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_grs1020:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_grs1120:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_grs1030:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_grs1130:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_eesx20:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_eesx30:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_ees20:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_ees25:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_msp30:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_msp32:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rspe30:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rspe32:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rspe35:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rspe37:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rsp25:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rsp30:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rsp35:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_rsp20:-:*:*:*:*:*:*:*

  • Configuration 13:
  • cpe:/o:belden:hirschmann_hios:*:*:*:*:*:*:*:* (Version <= 07.5.01)
  • AND
  • cpe:/h:belden:hirschmann_octopus_os3:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_msp40:-:*:*:*:*:*:*:*

  • Configuration 14:
  • cpe:/o:belden:hirschmann_hios:*:*:*:*:*:*:*:* (Version <= 07.2.04)
  • AND
  • cpe:/h:belden:hirschmann_dragon_mach4000:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_dragon_mach4500:-:*:*:*:*:*:*:*

  • Configuration 15:
  • cpe:/o:belden:hirschmann_hios:*:*:*:*:*:*:*:* (Version <= 05.3.06)
  • AND
  • cpe:/h:belden:hirschmann_eagle20:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_eagle30:-:*:*:*:*:*:*:*
  • OR cpe:/h:belden:hirschmann_eagle_one:-:*:*:*:*:*:*:*

  • Configuration 16:
  • cpe:/o:belden:garrettcom_magnum_dx940e_firmware:*:*:*:*:*:*:*:* (Version <= 1.0.1_y7)
  • AND
  • cpe:/h:belden:garrettcom_magnum_dx940e:-:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:windriver:vxworks:6.6:*:*:*:*:*:*:*
  • OR cpe:/o:windriver:vxworks:6.7:*:*:*:*:*:*:*
  • OR cpe:/o:windriver:vxworks:6.8:*:*:*:*:*:*:*
  • OR cpe:/o:windriver:vxworks:6.9:*:*:*:*:*:*:*
  • OR cpe:/o:windriver:vxworks:7.0:*:*:*:*:*:*:*
