Lucene search

K
cve[email protected]CVE-2009-1494
HistoryApr 30, 2009 - 8:30 p.m.

CVE-2009-1494

2009-04-3020:30:00
CWE-200
web.nvd.nist.gov
31
memcached
cve-2009-1494
security
information security

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

77.6%

The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon’s TCP port.

Affected configurations

NVD
Node
memcachedbmemcachedMatch1.2.8

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

77.6%