Lucene search

[email protected]NVD:CVE-2017-10983

HistoryJul 17, 2017 - 5:29 p.m.

CVE-2017-10983

2017-07-1717:29:00

CWE-119

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.5 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows “DHCP - Read overflow when decoding option 63” and a denial of service.

Affected configurations

NVD

Node

freeradiusfreeradiusMatch2.0.0

freeradiusfreeradiusMatch2.0.0pre1

freeradiusfreeradiusMatch2.0.0pre2

freeradiusfreeradiusMatch2.0.1

freeradiusfreeradiusMatch2.0.2

freeradiusfreeradiusMatch2.0.3

freeradiusfreeradiusMatch2.0.4

freeradiusfreeradiusMatch2.0.5

freeradiusfreeradiusMatch2.1.0

freeradiusfreeradiusMatch2.1.1

freeradiusfreeradiusMatch2.1.2

freeradiusfreeradiusMatch2.1.3

freeradiusfreeradiusMatch2.1.4

freeradiusfreeradiusMatch2.1.6

freeradiusfreeradiusMatch2.1.7

freeradiusfreeradiusMatch2.1.8

freeradiusfreeradiusMatch2.1.9

freeradiusfreeradiusMatch2.1.10

freeradiusfreeradiusMatch2.1.11

freeradiusfreeradiusMatch2.1.12

freeradiusfreeradiusMatch2.2.0

freeradiusfreeradiusMatch2.2.1

freeradiusfreeradiusMatch2.2.2

freeradiusfreeradiusMatch2.2.3

freeradiusfreeradiusMatch2.2.4

freeradiusfreeradiusMatch2.2.5

freeradiusfreeradiusMatch2.2.6

freeradiusfreeradiusMatch2.2.7

freeradiusfreeradiusMatch2.2.8

freeradiusfreeradiusMatch2.2.9

freeradiusfreeradiusMatch3.0.0

freeradiusfreeradiusMatch3.0.1

freeradiusfreeradiusMatch3.0.2

freeradiusfreeradiusMatch3.0.3

freeradiusfreeradiusMatch3.0.4

freeradiusfreeradiusMatch3.0.5

freeradiusfreeradiusMatch3.0.6

freeradiusfreeradiusMatch3.0.7

freeradiusfreeradiusMatch3.0.8

freeradiusfreeradiusMatch3.0.9

freeradiusfreeradiusMatch3.0.10

freeradiusfreeradiusMatch3.0.11

freeradiusfreeradiusMatch3.0.12

freeradiusfreeradiusMatch3.0.13

freeradiusfreeradiusMatch3.0.14

References

freeradius.org/security/fuzzer-2017.html

www.debian.org/security/2017/dsa-3930

www.securityfocus.com/bid/99915

www.securitytracker.com/id/1038914

access.redhat.com/errata/RHSA-2017:1759

access.redhat.com/errata/RHSA-2017:2389

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.5 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

Related for NVD:CVE-2017-10983

redhatcve1 veracode1 ubuntucve1 osv3 debiancve1 prion1 cvelist1 cve1 openvas15 nessus25 fedora2 debian3 redhat2 amazon1 centos2 oraclelinux2 archlinux1 suse2 ubuntu1 mageia1