9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.867 High
EPSS
Percentile
98.6%
Software: memcached 1.4.15
OS: Cobalt 7.9
CVE-ID: CVE-2017-9951
CVE-Crit: HIGH
CVE-DESC: The try_read_command function in memcached.c in memcached prior to version 1.4.39 allows remote attackers to cause a denial of service (segmentation error) with an add / set key request, which allows to compare signed and unsigned int and causes a heap-based buffer overflow. NOTE: this vulnerability exists due to an incomplete patch for CVE-2016-8705.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2018-1000127
CVE-Crit: HIGH
CVE-DESC: memcached version before 1.4.37 contains an Integer Overflow vulnerability in items.c: item_free (), which can lead to data corruption and interlocks due to items existing in the hash table being reused from the free list. This attack can be exploited through a network connection to the memcached service. This vulnerability has been patched in version 1.4.37 and later.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2019-11596
CVE-Crit: HIGH
CVE-DESC: In memcached before 1.5.14, null pointer dereferencing was detected in the “lru mode” and “lru temp_ttl” commands. This causes a denial of service when analyzing created lru command messages in process_lru_command in memcached.c.
CVE-STATUS: default
CVE-REV: default
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.867 High
EPSS
Percentile
98.6%