Lucene search

K
ubuntucveUbuntu.comUB:CVE-2018-1000872
HistoryDec 20, 2018 - 12:00 a.m.

CVE-2018-1000872

2018-12-2000:00:00
ubuntu.com
ubuntu.com
8

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.033 Low

EPSS

Percentile

91.3%

OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399:
Resource Management Errors (similar issue to CVE-2015-5262) vulnerability
in PyKMIP server that can result in DOS: the server can be made unavailable
by one or more clients opening all of the available sockets. This attack
appear to be exploitable via A client or clients open sockets with the
server and then never close them. This vulnerability appears to have been
fixed in 0.8.0.

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.033 Low

EPSS

Percentile

91.3%