Vulnerabilites related to cumulusnetworks - cumulus_linux
Vulnerability from fkie_nvd
Published
2017-11-08 20:29
Modified
2024-11-21 03:15
Severity ?
Summary
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C954F09-489E-427F-A321-9D3C06863E5E",
"versionEndExcluding": "2.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frrouting:frrouting:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5AA58D-657C-419D-8DED-9623585BF3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frrouting:frrouting:3.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "4C02CBC5-37AE-4CB8-9E6F-24DC7A907758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frrouting:frrouting:3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "75F37C2C-D289-4CF4-A5A8-57F0C9BD0085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frrouting:frrouting:3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A52F4064-17F9-4452-9C7D-4C773E4DF814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frrouting:frrouting:3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "CDE721D6-0B22-4C34-B9D6-14D6FC5612D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frrouting:frrouting:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD2A2B4-0C7A-476F-9061-7EA71143BE4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cumulusnetworks:cumulus_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B233D-29C3-4C72-9BFD-897D15276234",
"versionEndExcluding": "3.4.3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492)."
},
{
"lang": "es",
"value": "bgpd en FRRouting (FRR) en versiones anteriores a la 2.0.2 y versiones 3.x anteriores a la 3.0.2, tal y como se usa en Cumulus Linux en versiones anteriores a la 3.4.3 y en otros productos, permite que atacantes remotos obtengan informaci\u00f3n sensible mediante un paquete BGP UPDATE mal formado desde un peer conectado, lo que desencadena la transmisi\u00f3n de hasta miles de bytes no planeados por culpa de la longitud de un atributo gestionado de manera incorrecta. Esta vulnerabilidad tambi\u00e9n se conoce como RN-690 (CM-18492)."
}
],
"id": "CVE-2017-15865",
"lastModified": "2024-11-21T03:15:21.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-08T20:29:00.557",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101794"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://frrouting.org/community/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2017-November/000009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014754307#rn690"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014778107-CVE-2017-15865-Malformed-BGP-UPDATE-Triggers-Information-Disclosure"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://frrouting.org/community/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2017-November/000009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014754307#rn690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014778107-CVE-2017-15865-Malformed-BGP-UPDATE-Triggers-Information-Disclosure"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-22 18:29
Modified
2024-11-21 02:33
Severity ?
Summary
The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/fulldisclosure/2015/Aug/23 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2015/Aug/23 | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cumulusnetworks | cumulus_linux | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cumulusnetworks:cumulus_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "448ED96F-0513-454C-A351-0E355CDA7D80",
"versionEndIncluding": "2.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label."
},
{
"lang": "es",
"value": "Switch Configuration Tools Backend (clcmd_server) en Cumulus Linux en versiones 2.5.3 y anteriores permite que usuarios locales ejecuten comandos arbitrarios mediante metacaracteres shell en una etiqueta de comando cl-rctl."
}
],
"id": "CVE-2015-5699",
"lastModified": "2024-11-21T02:33:40.137",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-22T18:29:00.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/Aug/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/Aug/23"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2015-5699
Vulnerability from cvelistv5
Published
2017-10-20 21:00
Modified
2024-08-06 06:59
Severity ?
EPSS score ?
Summary
The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2015/Aug/23 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:59:03.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150811 CVE-2015-5699 - Cumulus Linux\u0027s Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Aug/23"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-20T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150811 CVE-2015-5699 - Cumulus Linux\u0027s Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Aug/23"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150811 CVE-2015-5699 - Cumulus Linux\u0027s Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Aug/23"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5699",
"datePublished": "2017-10-20T21:00:00",
"dateReserved": "2015-07-29T00:00:00",
"dateUpdated": "2024-08-06T06:59:03.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15865
Vulnerability from cvelistv5
Published
2017-11-08 20:00
Modified
2024-08-05 20:04
Severity ?
EPSS score ?
Summary
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2017-November/000009.html | x_refsource_CONFIRM | |
| https://support.cumulusnetworks.com/hc/en-us/articles/115014778107-CVE-2017-15865-Malformed-BGP-UPDATE-Triggers-Information-Disclosure | x_refsource_CONFIRM | |
| https://frrouting.org/community/security.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/101794 | vdb-entry, x_refsource_BID | |
| https://support.cumulusnetworks.com/hc/en-us/articles/115014754307#rn690 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:50.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2017-November/000009.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014778107-CVE-2017-15865-Malformed-BGP-UPDATE-Triggers-Information-Disclosure"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://frrouting.org/community/security.html"
},
{
"name": "101794",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101794"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014754307#rn690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-14T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2017-November/000009.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014778107-CVE-2017-15865-Malformed-BGP-UPDATE-Triggers-Information-Disclosure"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://frrouting.org/community/security.html"
},
{
"name": "101794",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101794"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014754307#rn690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2017-November/000009.html",
"refsource": "CONFIRM",
"url": "https://lists.cumulusnetworks.com/pipermail/cumulus-security-announce/2017-November/000009.html"
},
{
"name": "https://support.cumulusnetworks.com/hc/en-us/articles/115014778107-CVE-2017-15865-Malformed-BGP-UPDATE-Triggers-Information-Disclosure",
"refsource": "CONFIRM",
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014778107-CVE-2017-15865-Malformed-BGP-UPDATE-Triggers-Information-Disclosure"
},
{
"name": "https://frrouting.org/community/security.html",
"refsource": "CONFIRM",
"url": "https://frrouting.org/community/security.html"
},
{
"name": "101794",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101794"
},
{
"name": "https://support.cumulusnetworks.com/hc/en-us/articles/115014754307#rn690",
"refsource": "CONFIRM",
"url": "https://support.cumulusnetworks.com/hc/en-us/articles/115014754307#rn690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15865",
"datePublished": "2017-11-08T20:00:00",
"dateReserved": "2017-10-24T00:00:00",
"dateUpdated": "2024-08-05T20:04:50.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}