Lucene search

[email protected]CVE-2022-44792

HistoryNov 07, 2022 - 3:15 a.m.

CVE-2022-44792

2022-11-0703:15:00

CWE-476

[email protected]

web.nvd.nist.gov

207

cve-2022-44792

net-snmp

null pointer exception

dos

nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.3%

JSON

handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

CPENameOperatorVersion
net-snmp:net-snmpnet-snmple5.9.3
debian:debian_linuxdebian debian linuxeq10.0
netapp:h300s_firmwarenetapp h300s firmwareeq-
netapp:h500s_firmwarenetapp h500s firmwareeq-
netapp:h700s_firmwarenetapp h700s firmwareeq-
netapp:h410s_firmwarenetapp h410s firmwareeq-

CPE	Name	Operator	Version
net-snmp:net-snmp	net-snmp	le	5.9.3
debian:debian_linux	debian debian linux	eq	10.0
netapp:h300s_firmware	netapp h300s firmware	eq	-
netapp:h500s_firmware	netapp h500s firmware	eq	-
netapp:h700s_firmware	netapp h700s firmware	eq	-
netapp:h410s_firmware	netapp h410s firmware	eq	-