{"containers": {"cna": {"affected": [{"product": "dhcp", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "Red Hat Enterprise Linux 6"}, {"status": "affected", "version": "Red Hat Enterprise Linux 7"}]}, {"product": "dhcp", "vendor": "Fedora", "versions": [{"status": "affected", "version": "Fedora 28"}]}], "datePublic": "2018-05-15T00:00:00", "descriptions": [{"lang": "en", "value": "DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-11-30T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.tenable.com/security/tns-2018-10"}, {"name": "FEDORA-2018-5392896132", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://access.redhat.com/security/vulnerabilities/3442151"}, {"name": "104195", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104195"}, {"name": "FEDORA-2018-23ca7a6798", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"}, {"name": "1040912", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040912"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"}, {"name": "RHSA-2018:1454", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1454"}, {"name": "RHSA-2018:1455", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1455"}, {"name": "RHSA-2018:1457", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1457"}, {"name": "RHSA-2018:1459", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1459"}, {"name": "RHSA-2018:1453", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1453"}, {"name": "FEDORA-2018-36058ed9f2", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"}, {"name": "RHSA-2018:1524", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1524"}, {"name": "RHSA-2018:1456", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1456"}, {"name": "RHSA-2018:1461", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1461"}, {"name": "44652", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/44652/"}, {"name": "44890", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/44890/"}, {"name": "RHSA-2018:1458", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1458"}, {"name": "RHSA-2018:1460", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1460"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:51:48.789Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.tenable.com/security/tns-2018-10"}, {"name": "FEDORA-2018-5392896132", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://access.redhat.com/security/vulnerabilities/3442151"}, {"name": "104195", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/104195"}, {"name": "FEDORA-2018-23ca7a6798", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"}, {"name": "1040912", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1040912"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"}, {"name": "RHSA-2018:1454", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1454"}, {"name": "RHSA-2018:1455", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1455"}, {"name": "RHSA-2018:1457", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1457"}, {"name": "RHSA-2018:1459", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1459"}, {"name": "RHSA-2018:1453", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1453"}, {"name": "FEDORA-2018-36058ed9f2", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"}, {"name": "RHSA-2018:1524", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1524"}, {"name": "RHSA-2018:1456", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1456"}, {"name": "RHSA-2018:1461", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1461"}, {"name": "44652", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/44652/"}, {"name": "44890", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/44890/"}, {"name": "RHSA-2018:1458", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1458"}, {"name": "RHSA-2018:1460", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1460"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-1111", "datePublished": "2018-05-17T16:00:00", "dateReserved": "2017-12-04T00:00:00", "dateUpdated": "2024-08-05T03:51:48.789Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", "matchCriteriaId": "6E4D8269-B407-4C24-AAB0-02F885C7D752", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*", "matchCriteriaId": "DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "12544770-1AF9-4DD3-BC72-579DA0BC0F3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "76DA389E-C042-47E1-989C-0882E12DF35B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:enterprise_virtualization_host:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8286AD-7632-46C4-AD1E-653CABC4B95B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "905EC4D0-7604-476A-8176-9FFCEB1DC6B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "564DCCFD-77BF-4FB1-A0A0-96104B154282", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "467A831E-C63B-476F-A71F-8FB52556BC45", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2E4DC974-235F-4655-966F-2490A4C4E490", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol."}, {"lang": "es", "value": "Los paquetes DHCP en Red Hat Enterprise Linux 6 y 7, Fedora 28 y anteriores son vulnerables a un error de inyecci\u00f3n de comandos en el script de integraci\u00f3n NetworkManager incluido en el cliente DHCP. Un servidor DHCP malicioso o un atacante en la red ocal capaz de suplantar respuestas DHCP podr\u00eda emplear este error para ejecutar comandos arbitrarios con privilegios root en sistemas que emplean NetworkManager y se configuran para obtener la configuraci\u00f3n de red mediante el protocolo de configuraci\u00f3n din\u00e1mica de host (DHCP)."}], "id": "CVE-2018-1111", "lastModified": "2023-02-12T23:32:38.430", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 5.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2018-05-17T16:29:00.217", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104195"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040912"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1453"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1454"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1455"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1456"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1457"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1458"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1459"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1460"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1461"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1524"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/vulnerabilities/3442151"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111"}, {"source": "secalert@redhat.com", "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "VDB Entry", "Third Party Advisory"], "url": "https://www.exploit-db.com/exploits/44652/"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/44890/"}, {"source": "secalert@redhat.com", "url": "https://www.tenable.com/security/tns-2018-10"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Felix Wilhelm (Google Security Team) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2018:1454", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "dhcp-12:4.1.1-53.P1.el6_9.4", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1461", "cpe": "cpe:/o:redhat:rhel_aus:6.4", "package": "dhcp-12:4.1.1-34.P1.el6_4.2", "product_name": "Red Hat Enterprise Linux 6.4 Advanced Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1460", "cpe": "cpe:/o:redhat:rhel_aus:6.5", "package": "dhcp-12:4.1.1-38.P1.el6_5.1", "product_name": "Red Hat Enterprise Linux 6.5 Advanced Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1459", "cpe": "cpe:/o:redhat:rhel_aus:6.6", "package": "dhcp-12:4.1.1-43.P1.el6_6.2", "product_name": "Red Hat Enterprise Linux 6.6 Advanced Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1459", "cpe": "cpe:/o:redhat:rhel_tus:6.6", "package": "dhcp-12:4.1.1-43.P1.el6_6.2", "product_name": "Red Hat Enterprise Linux 6.6 Telco Extended Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1458", "cpe": "cpe:/o:redhat:rhel_eus:6.7", "package": "dhcp-12:4.1.1-49.P1.el6_7.1", "product_name": "Red Hat Enterprise Linux 6.7 Extended Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1453", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "dhcp-12:4.2.5-68.el7_5.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1457", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "dhcp-12:4.2.5-42.el7_2.1", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1457", "cpe": "cpe:/o:redhat:rhel_tus:7.2", "package": "dhcp-12:4.2.5-42.el7_2.1", "product_name": "Red Hat Enterprise Linux 7.2 Telco Extended Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1457", "cpe": "cpe:/o:redhat:rhel_e4s:7.2", "package": "dhcp-12:4.2.5-42.el7_2.1", "product_name": "Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1456", "cpe": "cpe:/o:redhat:rhel_eus:7.3", "package": "dhcp-12:4.2.5-47.el7_3.1", "product_name": "Red Hat Enterprise Linux 7.3 Extended Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1455", "cpe": "cpe:/o:redhat:rhel_eus:7.4", "package": "dhcp-12:4.2.5-58.el7_4.4", "product_name": "Red Hat Enterprise Linux 7.4 Extended Update Support", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1524", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "imgbased-0:1.0.16-0.1.el7ev", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1524", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "ovirt-node-ng-0:4.2.0-0.20170814.0.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1524", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "redhat-release-virtualization-host-0:4.2-3.0.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1524", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "redhat-virtualization-host-0:4.2-20180508.0", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-05-15T00:00:00Z"}, {"advisory": "RHSA-2018:1525", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "rhvm-appliance-0:4.2-20180504.0", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-05-15T00:00:00Z"}], "bugzilla": {"description": "dhcp: Command injection vulnerability in the DHCP client NetworkManager integration script", "id": "1567974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567974"}, "csaw": true, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-77", "details": ["DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.", "A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Red Hat Enterprise Linux. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol."], "mitigation": {"lang": "en:us", "value": "Please access https://access.redhat.com/security/vulnerabilities/3442151 for information on how to mitigate this issue."}, "name": "CVE-2018-1111", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "dhcp", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "dhcp", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-05-15T12:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-1111\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-1111\nhttps://access.redhat.com/security/vulnerabilities/3442151"], "statement": "Red Hat has been made aware of a vulnerability affecting the DHCP client packages as shipped with Red Hat Enterprise Linux 6 and 7. This vulnerability CVE-2018-1111 was rated as having a security impact of Critical. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.\nRed Hat Enterprise Virtualization 4.1 includes the vulnerable components, but the default configuration is not impacted because NetworkManager is turned off in the Management Appliance, and not used in conjunction with DHCP in the Hypervisor. Customers can still obtain the updated packages from Red Hat Enterprise Linux channels using `yum update`, or upgrade to Red Hat Enterprise Virtualization 4.2, which includes the fixed packages.\nRed Hat Enterprise Virtualization 3.6 is not vulnerable as it does not use DHCP.", "threat_severity": "Critical"}