Lucene search

K

GitLabCVELIST:CVE-2022-0581

HistoryFeb 14, 2022 - 12:00 a.m.

CVE-2022-0581

2022-02-1400:00:00

GitLab

www.cve.org

5

wireshark

cms

denial of service

packet injection

capture file

CVSS3

6.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

AI Score

8.7

Confidence

High

EPSS

0.004

Percentile

72.8%

Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

CNA Affected

[
  {
    "vendor": "Wireshark Foundation",
    "product": "Wireshark",
    "versions": [
      {
        "version": ">=3.6.0, <3.6.2",
        "status": "affected"
      },
      {
        "version": ">=3.4.0, <3.4.12",
        "status": "affected"
      }
    ]
  }
]

References

gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0581.json

gitlab.com/wireshark/wireshark/-/issues/17935

lists.debian.org/debian-lts-announce/2022/03/msg00041.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/

security.gentoo.org/glsa/202210-04

www.wireshark.org/security/wnpa-sec-2022-05.html

CVSS3

6.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

AI Score

8.7

Confidence

High

EPSS

0.004

Percentile

72.8%

Related for CVELIST:CVE-2022-0581

redhatcve1 cnvd1 debiancve1 cve1 veracode1 osv2 ubuntucve1 alpinelinux1 cbl_mariner1 nvd1 prion1 nessus13 openvas5 altlinux2 fedora2 kaspersky1 suse1 photon4 debian1 gentoo1