Lucene search

[email protected]NVD:CVE-2019-8936

HistoryMay 15, 2019 - 4:29 p.m.

CVE-2019-8936

2019-05-1516:29:01

CWE-476

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.008

Percentile

82.2%

JSON

NTP through 4.2.8p12 has a NULL Pointer Dereference.

Affected configurations

Nvd

Node

netappclustered_data_ontapRange<9.2

netappdata_ontapMatch-7-mode

Node

fedoraprojectfedoraMatch28

fedoraprojectfedoraMatch29

fedoraprojectfedoraMatch30

Node

opensuseleapMatch15.0

opensuseleapMatch42.3

Node

hpehpux-ntpRange<c.4.2.8.4.0

Node

ntpntpRange<4.2.8

ntpntpMatch4.2.8-

ntpntpMatch4.2.8p1

ntpntpMatch4.2.8p1-beta1

ntpntpMatch4.2.8p1-beta2

ntpntpMatch4.2.8p1-beta3

ntpntpMatch4.2.8p1-beta4

ntpntpMatch4.2.8p1-beta5

ntpntpMatch4.2.8p1-rc1

ntpntpMatch4.2.8p1-rc2

ntpntpMatch4.2.8p10

ntpntpMatch4.2.8p11

ntpntpMatch4.2.8p12

ntpntpMatch4.2.8p2

ntpntpMatch4.2.8p2-rc1

ntpntpMatch4.2.8p2-rc2

ntpntpMatch4.2.8p2-rc3

ntpntpMatch4.2.8p3

ntpntpMatch4.2.8p3-rc1

ntpntpMatch4.2.8p3-rc2

ntpntpMatch4.2.8p3-rc3

ntpntpMatch4.2.8p4

ntpntpMatch4.2.8p5

ntpntpMatch4.2.8p6

ntpntpMatch4.2.8p7

ntpntpMatch4.2.8p8

ntpntpMatch4.2.8p9

VendorProductVersionCPE
netappclustered_data_ontap*cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*
netappdata_ontap-cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*
fedoraprojectfedora28cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
fedoraprojectfedora29cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
fedoraprojectfedora30cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
opensuseleap15.0cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
opensuseleap42.3cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
hpehpux-ntp*cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*
ntpntp*cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*

Vendor	Product	Version	CPE
netapp	clustered_data_ontap	*	cpe:2.3:o:netapp:clustered_data_ontap::::::::
netapp	data_ontap	-	cpe:2.3:o:netapp:data_ontap:-:::::7-mode::
fedoraproject	fedora	28	cpe:2.3:o:fedoraproject:fedora:28:::::::*
fedoraproject	fedora	29	cpe:2.3:o:fedoraproject:fedora:29:::::::*
fedoraproject	fedora	30	cpe:2.3:o:fedoraproject:fedora:30:::::::*
opensuse	leap	15.0	cpe:2.3:o:opensuse:leap:15.0:::::::*
opensuse	leap	42.3	cpe:2.3:o:opensuse:leap:42.3:::::::*
hpe	hpux-ntp	*	cpe:2.3:a:hpe:hpux-ntp::::::::
ntp	ntp	*	cpe:2.3:a:ntp:ntp::::::::
ntp	ntp	4.2.8	cpe:2.3:a:ntp:ntp:4.2.8:-::::::