Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-5598

Published: 15/05/2019 Updated: 11/06/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, 11.2-RELEASE prior to 11.2-RELEASE-p10, and 12.0-RELEASE prior to 12.0-RELEASE-p4, a bug in pf does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet allowing a maliciously crafted ICMP/ICMP6 packet could bypass the packet filter rules and be passed to a host that would otherwise be unavailable.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

freebsd freebsd 11.2

freebsd freebsd 12.0

References

CWE-20https://www.synacktiv.com/posts/systems/icmp-reachable.htmlhttps://security.FreeBSD.org/advisories/FreeBSD-SA-19:06.pf.aschttp://packetstormsecurity.com/files/152934/FreeBSD-Security-Advisory-FreeBSD-SA-19-06.pf.htmlhttp://www.securityfocus.com/bid/108395https://security.netapp.com/advisory/ntap-20190611-0001/https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scriptingCVE-2024-5158XML external entityCVE-2024-4262CVE-2024-2036CVE-2024-4985CVE-2024-21791remote attackersCVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook