9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.161 Low
EPSS
Percentile
95.9%
IBM SECURITY ADVISORY
First Issued: Wed Nov 8 09:27:01 CST 2017
|Updated: Wed Feb 28 09:33:13 CST 2018
|Update: Corrected the APARs listed under the APAR section.
The most recent version of this document is available here:
http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc
https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc
ftp://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc
Security Bulletin: Vulnerabilities in tcpdump affect AIX
SUMMARY:
There are multiple vulnerabilities in tcpdump that impact AIX.
===============================================================================
I. AFFECTED PRODUCTS AND VERSIONS:
AIX 5.3, 6.1, 7.1, 7.2
VIOS 2.2
The following fileset levels are vulnerable:
key_fileset = aix
Fileset Lower Level Upper Level KEY
-----------------------------------------------------
bos.net.tcp.server 5.3.12.0 5.3.12.6 key_w_fs
bos.net.tcp.server 6.1.9.0 6.1.9.300 key_w_fs
bos.net.tcp.server 7.1.3.0 7.1.3.49 key_w_fs
bos.net.tcp.server 7.1.4.0 7.1.4.32 key_w_fs
bos.net.tcp.tcpdump 7.2.0.0 7.2.0.3 key_w_fs
bos.net.tcp.tcpdump 7.2.1.0 7.2.1.1 key_w_fs
Note: To find out whether the affected filesets are installed
on your systems, refer to the lslpp command found in AIX user's
guide.
Example: lslpp -L | grep -i bos.net.tcp.server
II. REMEDIATION:
A. FIXES
Fixes are available.
The fixes can be downloaded via ftp or http from:
ftp://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar
http://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar
https://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar
The links above are to a tar file containing this signed
advisory, interim fixes, and OpenSSL signatures for each interim fix.
The fixes below include prerequisite checking. This will
enforce the correct mapping between the fixes and AIX
Technology Levels.
AIX Level Interim Fix (*.Z) KEY
----------------------------------------------
5.3.12.9 IV94729m9a.171009.epkg.Z key_w_fix
6.1.9.8 IV94728mAa.171008.epkg.Z key_w_fix
6.1.9.9 IV94728mAa.171008.epkg.Z key_w_fix
6.1.9.10 IV94728mAa.171008.epkg.Z key_w_fix
7.1.3.7 IV94727m9a.171009.epkg.Z key_w_fix
7.1.3.8 IV94727m9a.171009.epkg.Z key_w_fix
7.1.3.9 IV94727m9a.171009.epkg.Z key_w_fix
7.1.4.3 IV94726m5a.171009.epkg.Z key_w_fix
7.1.4.4 IV94726m5a.171009.epkg.Z key_w_fix
7.1.4.5 IV94726m5a.171009.epkg.Z key_w_fix
7.2.0.3 IV94724m5a.171009.epkg.Z key_w_fix
7.2.0.4 IV94724m5a.171009.epkg.Z key_w_fix
7.2.0.5 IV94724m5a.171009.epkg.Z key_w_fix
7.2.1.1 IV94723m3a.171009.epkg.Z key_w_fix
7.2.1.2 IV94723m3a.171009.epkg.Z key_w_fix
7.2.1.3 IV94723m3a.171009.epkg.Z key_w_fix
Please note that the above tables refer to AIX TL/SP level as
opposed to fileset level, i.e., 7.1.3.8 is AIX 7100-03-08.
VIOS Level Interim Fix (*.Z) KEY
----------------------------------------------
2.2.5.20 IV94728mAa.171008.epkg.Z key_w_fix
2.2.6.0 IV94728mAa.171008.epkg.Z key_w_fix
2.2.6.10 IV94728mAa.171008.epkg.Z key_w_fix
The above fixes are cumulative and address previously issued
AIX tcpdump security bulletins with respect to SP and TL.
To extract the fixes from the tar file:
tar xvf tcpdump_fix3.tar
cd tcpdump_fix3
Verify you have retrieved the fixes intact:
The checksums below were generated using the
"openssl dgst -sha256 [filename]" command as the following:
openssl dgst -sha256 filename KEY
-----------------------------------------------------------------------------------------------------
6248b20c3af88225f6be5bd84f2ff3a901a8db300609dbd11e652a0d1fd831a5 IV94723m3a.171009.epkg.Z key_w_csum
a52bba4e3411a861e52f11cc961cc7a79be4f3359c56b256bad0888eb77309eb IV94724m5a.171009.epkg.Z key_w_csum
178f356ad65b89b2584397506851a29af4ba5d280f51f7483e9d9ecfb6f01d7a IV94726m5a.171009.epkg.Z key_w_csum
1d8cb7ecd0dd3f167860b4db7eab3a2b349e787b4f23858f02cd31bfab8278fa IV94727m9a.171009.epkg.Z key_w_csum
c1fff8799746a5d2eac51de70c51ef414f536c1bc7cd68174b087ba4e14cb59b IV94728mAa.171008.epkg.Z key_w_csum
d03367a2507bb0bb2ddb358b15ccc8303c5b7a0cb170f4b08dccb12246e4122f IV94729m9a.171009.epkg.Z key_w_csum
These sums should match exactly. The OpenSSL signatures in the tar
file and on this advisory can also be used to verify the
integrity of the fixes. If the sums or signatures cannot be
confirmed, contact IBM AIX Support at https://ibm.com/support/
and describe the discrepancy.
openssl dgst -sha1 -verify [pubkey_file] -signature [advisory_file].sig [advisory_file]
openssl dgst -sha1 -verify [pubkey_file] -signature [ifix_file].sig [ifix_file]
Published advisory OpenSSL signature file location:
http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig
https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig
ftp://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig
B. INTERIM FIX INSTALLATION
IMPORTANT: If possible, it is recommended that a mksysb backup
of the system be created. Verify it is both bootable and
readable before proceeding.
To preview a fix installation:
installp -a -d fix_name -p all # where fix_name is the name of the
# fix package being previewed.
To install a fix package:
installp -a -d fix_name -X all # where fix_name is the name of the
# fix package being installed.
Interim fixes have had limited functional and regression
testing but not the full regression testing that takes place
for Service Packs; however, IBM does fully support them.
Interim fix management documentation can be found at:
http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html
To preview an interim fix installation:
emgr -e ipkg_name -p # where ipkg_name is the name of the
# interim fix package being previewed.
To install an interim fix package:
emgr -e ipkg_name -X # where ipkg_name is the name of the
# interim fix package being installed.
C. APARS
IBM has assigned the following APARs to this problem:
AIX Level APAR Availability SP KEY
------------------------------------------------
| 5.3.12 IJ00568 ** N/A key_w_apar
| 6.1.9 IJ00563 ** SP11 key_w_apar
| 7.1.3 IJ00564 ** N/A key_w_apar
| 7.1.4 IJ00565 ** SP6 key_w_apar
| 7.2.0 IJ00566 ** SP6 key_w_apar
| 7.2.1 IJ00567 ** SP4 key_w_apar
** Please refer to AIX support lifecycle information page for availability
of Service Packs:
http://www-01.ibm.com/support/docview.wss?uid=isg3T1012517
Subscribe to the APARs here:
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00568
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00563
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00564
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00565
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00566
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00567
By subscribing, you will receive periodic email alerting you
to the status of the APAR, and a link to download the fix once
it becomes available.
III. WORKAROUNDS AND MITIGATIONS:
None.
IV.VULNERABILITY DETAILS:
Vulnerabilities in tcpdump affect AIX:
CVEID: CVE-2017-12993
https://vulners.com/cve/CVE-2017-12993
https://vulners.com/cve/CVE-2017-12993
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the Juniper
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131892 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12992
https://vulners.com/cve/CVE-2017-12992
https://vulners.com/cve/CVE-2017-12992
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the RIPng
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131891 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12991
https://vulners.com/cve/CVE-2017-12991
https://vulners.com/cve/CVE-2017-12991
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the BGP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131886 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12988
https://vulners.com/cve/CVE-2017-12988
https://vulners.com/cve/CVE-2017-12988
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the telnet
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131885 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12987
https://vulners.com/cve/CVE-2017-12987
https://vulners.com/cve/CVE-2017-12987
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.11
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131883 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12986
https://vulners.com/cve/CVE-2017-12986
https://vulners.com/cve/CVE-2017-12986
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IPv6 routing
headers component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131876 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12985
https://vulners.com/cve/CVE-2017-12985
https://vulners.com/cve/CVE-2017-12985
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131875 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12902
https://vulners.com/cve/CVE-2017-12902
https://vulners.com/cve/CVE-2017-12902
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the Zephyr
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131874 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12901
https://vulners.com/cve/CVE-2017-12901
https://vulners.com/cve/CVE-2017-12901
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the EIGRP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131873 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12900
https://vulners.com/cve/CVE-2017-12900
https://vulners.com/cve/CVE-2017-12900
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the tok2strbuf
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131872 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12899
https://vulners.com/cve/CVE-2017-12899
https://vulners.com/cve/CVE-2017-12899
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the DECnet
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131871 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12898
https://vulners.com/cve/CVE-2017-12898
https://vulners.com/cve/CVE-2017-12898
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the NFS component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131868 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12897
https://vulners.com/cve/CVE-2017-12897
https://vulners.com/cve/CVE-2017-12897
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISO CLNS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131867 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12896
https://vulners.com/cve/CVE-2017-12896
https://vulners.com/cve/CVE-2017-12896
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISAKMP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131877 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12895
https://vulners.com/cve/CVE-2017-12895
https://vulners.com/cve/CVE-2017-12895
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131865 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12894
https://vulners.com/cve/CVE-2017-12894
https://vulners.com/cve/CVE-2017-12894
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the
lookup_bytestring component. By sending a specially crafted request,
an attacker could exploit this vulnerability to obtain sensitive
information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131864 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12893
https://vulners.com/cve/CVE-2017-12893
https://vulners.com/cve/CVE-2017-12893
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the SMB/CIFS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131810 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-11542
https://vulners.com/cve/CVE-2017-11542
https://vulners.com/cve/CVE-2017-11542
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
heap-based buffer over-read in the pimv1_print function in
print-pim.c. An attacker could exploit this vulnerability to cause
the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/129253 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-11541
https://vulners.com/cve/CVE-2017-11541
https://vulners.com/cve/CVE-2017-11541
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
heap-based buffer over-read in the lldp_print function in
print-lldp.c. An attacker could exploit this vulnerability to cause
the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/129252 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-12997
https://vulners.com/cve/CVE-2017-12997
https://vulners.com/cve/CVE-2017-12997
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an
error in the LLDP component. By sending specially crafted data, a
remote attacker could exploit this vulnerability to cause the
application to enter into an infinite loop.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131809 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-12995
https://vulners.com/cve/CVE-2017-12995
https://vulners.com/cve/CVE-2017-12995
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an
error in the DNS component. By sending specially crafted data, a
remote attacker could exploit this vulnerability to cause the
application to enter into an infinite loop.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131808 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-12990
https://vulners.com/cve/CVE-2017-12990
https://vulners.com/cve/CVE-2017-12990
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an
error in the ISAKMP component. By sending specially crafted data, a
remote attacker could exploit this vulnerability to cause the
application to enter into an infinite loop.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131807 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-12989
https://vulners.com/cve/CVE-2017-12989
https://vulners.com/cve/CVE-2017-12989
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an
error in the RESP component. By sending specially crafted data, a
remote attacker could exploit this vulnerability to cause the
application to enter into an infinite loop.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131794 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-13011
https://vulners.com/cve/CVE-2017-13011
https://vulners.com/cve/CVE-2017-13011
DESCRIPTION: tcpdump is vulnerable to a buffer overflow, caused by
improper bounds checking by the bittok2str_internal component. By
sending an overly long string argument, a remote attacker could
overflow a buffer and execute arbitrary code on the system or cause
the application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131781 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2017-11543
https://vulners.com/cve/CVE-2017-11543
https://vulners.com/cve/CVE-2017-11543
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
buffer overflow in the sliplink_print function in print-sl.c. An
attacker could exploit this vulnerability to cause the application
to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/129254 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-13018
https://vulners.com/cve/CVE-2017-13018
https://vulners.com/cve/CVE-2017-13018
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PGM component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131912 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13017
https://vulners.com/cve/CVE-2017-13017
https://vulners.com/cve/CVE-2017-13017
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the DHCPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131911 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13016
https://vulners.com/cve/CVE-2017-13016
https://vulners.com/cve/CVE-2017-13016
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISO ES-IS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131909 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-11543
https://vulners.com/cve/CVE-2017-11543
https://vulners.com/cve/CVE-2017-11543
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
buffer overflow in the sliplink_print function in print-sl.c. An
attacker could exploit this vulnerability to cause the application
to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/129254 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-13015
https://vulners.com/cve/CVE-2017-13015
https://vulners.com/cve/CVE-2017-13015
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the EAP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131908 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13014
https://vulners.com/cve/CVE-2017-13014
https://vulners.com/cve/CVE-2017-13014
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the White Board
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131907 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13013
https://vulners.com/cve/CVE-2017-13013
https://vulners.com/cve/CVE-2017-13013
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ARP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131906 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13012
https://vulners.com/cve/CVE-2017-13012
https://vulners.com/cve/CVE-2017-13012
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131878 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13010
https://vulners.com/cve/CVE-2017-13010
https://vulners.com/cve/CVE-2017-13010
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the BEEP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131905 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13009
https://vulners.com/cve/CVE-2017-13009
https://vulners.com/cve/CVE-2017-13009
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IPv6 mobility
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131879 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13008
https://vulners.com/cve/CVE-2017-13008
https://vulners.com/cve/CVE-2017-13008
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.11
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131884 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13006
https://vulners.com/cve/CVE-2017-13006
https://vulners.com/cve/CVE-2017-13006
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the L2TP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131903 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13005
https://vulners.com/cve/CVE-2017-13005
https://vulners.com/cve/CVE-2017-13005
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the NFS component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131869 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13004
https://vulners.com/cve/CVE-2017-13004
https://vulners.com/cve/CVE-2017-13004
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the Juniper
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131893 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13003
https://vulners.com/cve/CVE-2017-13003
https://vulners.com/cve/CVE-2017-13003
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LMP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131902 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13002
https://vulners.com/cve/CVE-2017-13002
https://vulners.com/cve/CVE-2017-13002
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the AODV
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131901 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13001
https://vulners.com/cve/CVE-2017-13001
https://vulners.com/cve/CVE-2017-13001
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the NFS component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131870 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13000
https://vulners.com/cve/CVE-2017-13000
https://vulners.com/cve/CVE-2017-13000
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.15.4
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131900 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12999
https://vulners.com/cve/CVE-2017-12999
https://vulners.com/cve/CVE-2017-12999
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISO IS-IS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131896 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12998
https://vulners.com/cve/CVE-2017-12998
https://vulners.com/cve/CVE-2017-12998
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISO IS-IS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131895 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12996
https://vulners.com/cve/CVE-2017-12996
https://vulners.com/cve/CVE-2017-12996
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PIMv2
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131894 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-12994
https://vulners.com/cve/CVE-2017-12994
https://vulners.com/cve/CVE-2017-12994
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the BGP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131887 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-11541
https://vulners.com/cve/CVE-2017-11541
https://vulners.com/cve/CVE-2017-11541
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
heap-based buffer over-read in the lldp_print function in
print-lldp.c. An attacker could exploit this vulnerability to cause
the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/129252 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-11542
https://vulners.com/cve/CVE-2017-11542
https://vulners.com/cve/CVE-2017-11542
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
heap-based buffer over-read in the pimv1_print function in
print-pim.c. An attacker could exploit this vulnerability to cause
the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/129253 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2017-13043
https://vulners.com/cve/CVE-2017-13043
https://vulners.com/cve/CVE-2017-13043
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the BGP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131890 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13042
https://vulners.com/cve/CVE-2017-13042
https://vulners.com/cve/CVE-2017-13042
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the HNCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132002 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13041
https://vulners.com/cve/CVE-2017-13041
https://vulners.com/cve/CVE-2017-13041
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131985 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13040
https://vulners.com/cve/CVE-2017-13040
https://vulners.com/cve/CVE-2017-13040
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the MPTCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132001 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13039
https://vulners.com/cve/CVE-2017-13039
https://vulners.com/cve/CVE-2017-13039
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISAKMP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131866 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13038
https://vulners.com/cve/CVE-2017-13038
https://vulners.com/cve/CVE-2017-13038
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PPP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132000 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13037
https://vulners.com/cve/CVE-2017-13037
https://vulners.com/cve/CVE-2017-13037
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131999 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13036
https://vulners.com/cve/CVE-2017-13036
https://vulners.com/cve/CVE-2017-13036
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the OSPFv3
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131998 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13035
https://vulners.com/cve/CVE-2017-13035
https://vulners.com/cve/CVE-2017-13035
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISO IS-IS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131899 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13034
https://vulners.com/cve/CVE-2017-13034
https://vulners.com/cve/CVE-2017-13034
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PGM component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131914 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13033
https://vulners.com/cve/CVE-2017-13033
https://vulners.com/cve/CVE-2017-13033
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the VTP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131983 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13032
https://vulners.com/cve/CVE-2017-13032
https://vulners.com/cve/CVE-2017-13032
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the RADIUS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131997 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13031
https://vulners.com/cve/CVE-2017-13031
https://vulners.com/cve/CVE-2017-13031
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IPv6
fragmentation header component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131996 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13030
https://vulners.com/cve/CVE-2017-13030
https://vulners.com/cve/CVE-2017-13030
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PIM component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131991 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13029
https://vulners.com/cve/CVE-2017-13029
https://vulners.com/cve/CVE-2017-13029
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PPP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131990 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13028
https://vulners.com/cve/CVE-2017-13028
https://vulners.com/cve/CVE-2017-13028
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the BOOTP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131989 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13027
https://vulners.com/cve/CVE-2017-13027
https://vulners.com/cve/CVE-2017-13027
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LLDP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131987 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13026
https://vulners.com/cve/CVE-2017-13026
https://vulners.com/cve/CVE-2017-13026
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISO IS-IS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131897 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13025
https://vulners.com/cve/CVE-2017-13025
https://vulners.com/cve/CVE-2017-13025
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IPv6 mobility
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131882 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13024
https://vulners.com/cve/CVE-2017-13024
https://vulners.com/cve/CVE-2017-13024
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IPv6 mobility
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131881 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13023
https://vulners.com/cve/CVE-2017-13023
https://vulners.com/cve/CVE-2017-13023
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IPv6 mobility
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131880 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13022
https://vulners.com/cve/CVE-2017-13022
https://vulners.com/cve/CVE-2017-13022
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131986 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13021
https://vulners.com/cve/CVE-2017-13021
https://vulners.com/cve/CVE-2017-13021
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131984 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13020
https://vulners.com/cve/CVE-2017-13020
https://vulners.com/cve/CVE-2017-13020
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the VTP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131982 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13019
https://vulners.com/cve/CVE-2017-13019
https://vulners.com/cve/CVE-2017-13019
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PGM component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131913 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13725
https://vulners.com/cve/CVE-2017-13725
https://vulners.com/cve/CVE-2017-13725
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IPv6 routing
headers component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132014 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13690
https://vulners.com/cve/CVE-2017-13690
https://vulners.com/cve/CVE-2017-13690
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IKEv2
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132013 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13689
https://vulners.com/cve/CVE-2017-13689
https://vulners.com/cve/CVE-2017-13689
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IKEv1
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132012 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13688
https://vulners.com/cve/CVE-2017-13688
https://vulners.com/cve/CVE-2017-13688
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the OLSR
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132011 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13687
https://vulners.com/cve/CVE-2017-13687
https://vulners.com/cve/CVE-2017-13687
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the Cisco HDLC
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132010 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13055
https://vulners.com/cve/CVE-2017-13055
https://vulners.com/cve/CVE-2017-13055
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISO IS-IS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131898 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13054
https://vulners.com/cve/CVE-2017-13054
https://vulners.com/cve/CVE-2017-13054
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LLDP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131988 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13053
https://vulners.com/cve/CVE-2017-13053
https://vulners.com/cve/CVE-2017-13053
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the BGP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131888 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13052
https://vulners.com/cve/CVE-2017-13052
https://vulners.com/cve/CVE-2017-13052
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the CFM component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132009 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13051
https://vulners.com/cve/CVE-2017-13051
https://vulners.com/cve/CVE-2017-13051
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the RSVP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132006 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13050
https://vulners.com/cve/CVE-2017-13050
https://vulners.com/cve/CVE-2017-13050
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the RPKI-Router
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132008 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13049
https://vulners.com/cve/CVE-2017-13049
https://vulners.com/cve/CVE-2017-13049
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the Rx component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132007 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13048
https://vulners.com/cve/CVE-2017-13048
https://vulners.com/cve/CVE-2017-13048
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the RSVP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132005 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13047
https://vulners.com/cve/CVE-2017-13047
https://vulners.com/cve/CVE-2017-13047
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ISO ES-IS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131910 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13046
https://vulners.com/cve/CVE-2017-13046
https://vulners.com/cve/CVE-2017-13046
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the BGP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131889 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13045
https://vulners.com/cve/CVE-2017-13045
https://vulners.com/cve/CVE-2017-13045
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the VQP component.
By sending a specially crafted request, an attacker could exploit
this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132004 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2017-13044
https://vulners.com/cve/CVE-2017-13044
https://vulners.com/cve/CVE-2017-13044
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the HNCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/132003 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
===============================================================================
CONTACT US:
Note: Keywords labeled as KEY in this document are used for parsing
purposes.
If you would like to receive AIX Security Advisories via email,
please visit "My Notifications":
http://www.ibm.com/support/mynotifications
https://www.ibm.com/support/mynotifications
To view previously issued advisories, please visit:
http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq
https://www14.software.ibm.com/webapp/set2/subscriptions/onvdq
To obtain the OpenSSL public key that can be used to verify the
signed advisories and ifixes:
Download the key from our web page:
http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt
https://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt
Please contact your local IBM AIX support center for any
assistance.
REFERENCES:
Complete CVSS v3 Guide: http://www.first.org/cvss/user-guide
https://www.first.org/cvss/user-guide
On-line Calculator v3:
http://www.first.org/cvss/calculator/3.0
https://www.first.org/cvss/calculator/3.0
ACKNOWLEDGEMENTS:
None
CHANGE HISTORY:
First Issued: Wed Nov 8 09:27:01 CST 2017
| Updated: Wed Feb 28 09:33:13 CST 2018
| Update: Corrected the APARs listed under the APAR section.
===============================================================================
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an “industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response.” IBM PROVIDES THE CVSS SCORES “AS IS” WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.161 Low
EPSS
Percentile
95.9%