CVE-2019-12258 HIGH

Published: 2019-08-09 | Last Modified: 2026-06-17 | Status: Modified

Description

Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.

Additional Descriptions (1)

Wind River VxWorks versiones 6.6 hasta vx7, presenta una Fijación de Sesión en el componente TCP. Se trata de una vulnerabilidad de seguridad de IPNET: DoS de la conexión TCP por medio de opciones TCP malformadas.

CVSS Metrics

Base Score: 7.5 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	NONE
User Interaction	NONE
Scope	UNCHANGED
Confidentiality Impact	NONE
Integrity Impact	NONE
Availability Impact	HIGH

Source: [email protected]

Type: Primary

Exploitability Score: 3.9

Impact Score: 3.6

Base Score: 5.0 (MEDIUM)

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector	NETWORK
Access Complexity	LOW
Authentication	NONE
Confidentiality Impact	NONE
Integrity Impact	NONE
Availability Impact	PARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 2.9

Weaknesses

Source	Type	Description
[email protected]	Primary	en CWE-384

Affected Products

Vendor	Product	Version	Update	Type
windriver	vxworks	*	<built-in method update of dict object at 0x72a9ccfa5380>	Operating System
windriver	vxworks	7.0	<built-in method update of dict object at 0x72a9ccfa5fc0>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9b0a75f00>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9b0a75c40>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9ccfa6940>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc877000>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc67a000>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc7756c0>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc678ac0>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc876140>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc67a480>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc8756c0>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc679100>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cc425e00>	Operating System
sonicwall	sonicos	*	<built-in method update of dict object at 0x72a9cd0868c0>	Operating System
sonicwall	sonicos	6.2.7.0	<built-in method update of dict object at 0x72a9cc67bb00>	Operating System
sonicwall	sonicos	6.2.7.1	<built-in method update of dict object at 0x72a9ccfa7b40>	Operating System
sonicwall	sonicos	6.2.7.7	<built-in method update of dict object at 0x72a9cd086880>	Operating System
siemens	siprotec_5_firmware	*	<built-in method update of dict object at 0x72a9cc679b00>	Operating System
netapp	e-series_santricity_os_controller	*	<built-in method update of dict object at 0x72a9b0a76f00>	Operating System
siemens	siprotec_5_firmware	*	<built-in method update of dict object at 0x72a9b0a75380>	Operating System
siemens	power_meter_9410_firmware	*	<built-in method update of dict object at 0x72a9ccfa6240>	Operating System
siemens	power_meter_9810_firmware	*	<built-in method update of dict object at 0x72a9cc678ec0>	Operating System
siemens	ruggedcom_win7000_firmware	*	<built-in method update of dict object at 0x72a9cc875a80>	Operating System
siemens	ruggedcom_win7018_firmware	*	<built-in method update of dict object at 0x72a9cc5deec0>	Operating System
siemens	ruggedcom_win7025_firmware	*	<built-in method update of dict object at 0x72a9cc679a40>	Operating System
siemens	ruggedcom_win7200_firmware	*	<built-in method update of dict object at 0x72a9cc434880>	Operating System
belden	hirschmann_hios	*	<built-in method update of dict object at 0x72a9cc679400>	Operating System
belden	hirschmann_hios	*	<built-in method update of dict object at 0x72a9cc424680>	Operating System
belden	hirschmann_hios	*	<built-in method update of dict object at 0x72a9cc424600>	Operating System
belden	hirschmann_hios	*	<built-in method update of dict object at 0x72a9cc427880>	Operating System
belden	garrettcom_magnum_dx940e_firmware	*	<built-in method update of dict object at 0x72a9cc4269c0>	Operating System

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:windriver:vxworks::::::::`
Yes	`cpe:2.3:o:windriver:vxworks:7.0:-::::::`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos::::::::`
Yes	`cpe:2.3:o:sonicwall:sonicos:6.2.7.0:::::::*`
Yes	`cpe:2.3:o:sonicwall:sonicos:6.2.7.1:::::::*`
Yes	`cpe:2.3:o:sonicwall:sonicos:6.2.7.7:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:siemens:siprotec_5_firmware:::::::*:cp200`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:siemens:siprotec_5:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:netapp:e-series_santricity_os_controller::::::::`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:siemens:siprotec_5_firmware:::::::*:cp300`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:siemens:siprotec_5:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:siemens:power_meter_9410_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:siemens:power_meter_9410:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:siemens:power_meter_9810_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:siemens:power_meter_9810:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:siemens:ruggedcom_win7000_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:siemens:ruggedcom_win7000:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:siemens:ruggedcom_win7018_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:siemens:ruggedcom_win7018:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:siemens:ruggedcom_win7025_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:siemens:ruggedcom_win7025:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:siemens:ruggedcom_win7200_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:siemens:ruggedcom_win7200:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:belden:hirschmann_hios::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:belden:hirschmann_ees20:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_ees25:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_eesx20:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_eesx30:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_grs1020:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_grs1030:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_grs1042:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_grs1120:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_grs1130:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_grs1142:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_msp30:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_msp32:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rail_switch_power_lite:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rail_switch_power_smart:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_red25:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rsp20:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rsp25:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rsp30:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rsp35:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rspe30:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rspe32:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rspe35:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_rspe37:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:belden:hirschmann_hios::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:belden:hirschmann_msp40:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_octopus_os3:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:belden:hirschmann_hios::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:belden:hirschmann_dragon_mach4000:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_dragon_mach4500:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:belden:hirschmann_hios::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:belden:hirschmann_eagle_one:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_eagle20:-:::::::*`
No	`cpe:2.3:h:belden:hirschmann_eagle30:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:belden:garrettcom_magnum_dx940e_firmware::::::::`

Operator: OR

Vulnerable	CPE
No	`cpe:2.3:h:belden:garrettcom_magnum_dx940e:-:::::::*`

References

https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
Source: [email protected]

Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf
Source: [email protected]

Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf
Source: [email protected]

Third Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009
Source: [email protected]

Third Party Advisory
https://security.netapp.com/advisory/ntap-20190802-0001/
Source: [email protected]

Third Party Advisory
https://support.f5.com/csp/article/K41190253
Source: [email protected]

Third Party Advisory
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258
Source: [email protected]

Vendor Advisory
https://support2.windriver.com/index.php?page=security-notices
Source: [email protected]

Issue Tracking Vendor Advisory
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
Source: [email protected]

Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://security.netapp.com/advisory/ntap-20190802-0001/
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://support.f5.com/csp/article/K41190253
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258
Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory
https://support2.windriver.com/index.php?page=security-notices
Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking Vendor Advisory
https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory