{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-31T22:06:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778"}, {"tags": ["x_refsource_MISC"], "url": "https://www.wireshark.org/security/wnpa-sec-2019-19.html"}, {"tags": ["x_refsource_MISC"], "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7b6e197da4c497e229ed3ebf6952bae5c426a820"}, {"name": "108464", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/108464"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K06725231"}, {"name": "USN-4133-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4133-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K06725231?utm_source=f5support&amp%3Butm_medium=RSS"}, {"name": "[debian-lts-announce] 20201031 [SECURITY] [DLA 2423-1] wireshark security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00036.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12295", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778", "refsource": "MISC", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778"}, {"name": "https://www.wireshark.org/security/wnpa-sec-2019-19.html", "refsource": "MISC", "url": "https://www.wireshark.org/security/wnpa-sec-2019-19.html"}, {"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7b6e197da4c497e229ed3ebf6952bae5c426a820", "refsource": "MISC", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7b6e197da4c497e229ed3ebf6952bae5c426a820"}, {"name": "108464", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108464"}, {"name": "https://support.f5.com/csp/article/K06725231", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K06725231"}, {"name": "USN-4133-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4133-1/"}, {"name": "https://support.f5.com/csp/article/K06725231?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K06725231?utm_source=f5support&utm_medium=RSS"}, {"name": "[debian-lts-announce] 20201031 [SECURITY] [DLA 2423-1] wireshark security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00036.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T23:17:39.657Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.wireshark.org/security/wnpa-sec-2019-19.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7b6e197da4c497e229ed3ebf6952bae5c426a820"}, {"name": "108464", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/108464"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K06725231"}, {"name": "USN-4133-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4133-1/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K06725231?utm_source=f5support&amp%3Butm_medium=RSS"}, {"name": "[debian-lts-announce] 20201031 [SECURITY] [DLA 2423-1] wireshark security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00036.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-12295", "datePublished": "2019-05-23T11:56:29", "dateReserved": "2019-05-23T00:00:00", "dateUpdated": "2024-08-04T23:17:39.657Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "9532CF73-D0CF-4B76-92EE-EDEC3A190FB0", "versionEndIncluding": "2.4.14", "versionStartIncluding": "2.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "16B332EB-7ACD-4EC7-81DF-A8A5E71BF503", "versionEndIncluding": "2.6.8", "versionStartIncluding": "2.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "25D55256-98A3-4CE5-A1E5-AAE220327571", "versionEndIncluding": "3.0.1", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E83D20E8-B24F-43F8-9CAB-8DD44D1B75C8", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6829A736-8C6C-423A-9555-4C406AC507E0", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8480A38-B0D4-453E-A97D-448537918557", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "874C243A-5A16-4942-AE90-A1B0D4078192", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6A53E3C-3E09-4100-8D5A-10AD4973C230", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCA6CE41-1D13-4A7A-94D8-C0D5740870A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4B5F313-645E-4F60-A1D6-A2F50491A5C9", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D9425E1-E2BC-4B76-AC9B-D828E24164B2", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "552633D2-89B8-4C95-9B25-DFF34FF2C752", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "81A56F9E-5939-4252-8643-0F768AE39E79", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCAE28C2-0ADD-4FD0-A520-EFB764164DD8", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "71B7081C-A869-402A-9C58-219B3225DB70", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "DDCB9117-CAEC-4592-AEDB-3C3BF855F97E", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "C621E957-E84F-4E37-8FEC-B4B5B0940C3F", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0763C24-EDB4-4EFC-A931-010F25CA8CB9", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "350E17D3-C6D3-407F-B413-0D3D07A9A735", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "36A213C6-D6E4-4F38-989D-81D3DFC11829", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08E29063-889A-4499-AEAC-D79165EA34A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25EE79E-12E1-47B2-9AE6-F76D2B78EE8E", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9503695A-E04B-47BC-AD7B-9FD592742259", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0202325D-4179-41FA-84CF-DBE752A66E04", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF90FBA3-69FA-4053-A749-E7F635A284C1", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "59D9F39B-206B-4E76-A811-1CAA705A60EE", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C32BB88-ECE9-49C1-B75D-D47A17399C10", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A26E0393-4053-4F45-B883-6294EE130B18", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0F58936-8DC3-451A-A961-37874639019B", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "793C5E6D-CBAC-4AA7-AE72-C9C8934D2427", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "70099A38-3B84-4C40-8590-BE6C8F7C21A7", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "14612AC5-945C-4402-AFF0-5FCE11B7C785", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBA986C5-E2D0-42E7-9797-BF5EE8E78410", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "7789E96C-A6AB-4E1D-9427-14D0A06A73E9", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7415C5B-A401-480C-9D36-03152EAC8F74", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "786C0192-BC78-463F-8305-E890F63F153B", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DE40473-ABAE-4D91-8EBB-FB5719E107F6", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "74DEDC05-82FC-4AD5-9DDD-D0D68DA9E26D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F92CBFB-B19B-4AEF-BB1D-FDFB1489E4D1", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F22B99E-F253-45AD-910F-FEFBA1E45209", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E2B1396-9026-4B0C-8FFA-36E0248DDDAC", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CBA69D7-13CB-43AB-9CA5-773327444562", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B85324E-B26B-4B31-B4D0-43438546A411", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "76F48A48-9C6E-49CD-8C89-C4F75BF2982A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "344CC0AB-F990-422B-BE14-EF6AC1BC96CC", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "2ED19A9B-D02A-4620-AC05-D9E1B00D3982", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "80D51512-5962-4812-A688-CFD10117BE26", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "4679F821-AB5A-4AA4-BBEE-F9697239D036", "versionEndExcluding": "14.1.2", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "18B5A918-F9AA-4889-94A7-33E6E54CF383", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3E634D59-2B6D-49B8-A7BD-E2962CD2B455", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0738F69-88AB-400A-B490-5C1A967B9D13", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC2F8221-43FF-4AC0-8218-E0C2DE1FC900", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C68075C-7D27-4240-B550-FEA19FC70354", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "50DCC8F9-3393-4131-9B85-EBC2F9EEF4D1", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF606356-8191-478D-AF60-D48A408CD9ED", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5756EA61-D0E4-4AC1-882D-71EE4BB6CEB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A46EC65-F9C6-4F64-9045-ABD68DDD5A93", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C4C8507-86F8-4572-A65A-803EBC47C577", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "D88D014C-4E04-47B8-A17C-0C4491F78F4B", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "75AB65FB-DC81-4F50-BC2A-BCAD1EC22635", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA3E37E6-64B9-4668-AC01-933711E1C934", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E847B072-2E86-416D-9D39-FD796770A0B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "57DAE736-21CD-4148-8390-A579C41CA40E", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E346EE4F-4C76-4D0F-BB21-FD5115C3E319", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C22497A3-C24C-404F-925D-06082911FEAD", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "66B64305-66FB-4C99-BD1A-BFE7BE23EE87", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CCD3CF9-EA9D-43FF-8ADA-713B4B5C468E", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "461C4C1D-B0F9-44EF-A535-BCE9FE501A94", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEC9C9BB-70F3-464A-9959-80ABEFA6D453", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "951B75BE-A977-4131-AF98-D147C9B2EB4C", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE2E83F0-B3CA-4A41-BB2B-3486B5B5F677", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8134C56F-5979-4501-99BC-40A9921EAAE3", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC6612AB-E46B-4A8B-9B3E-C711D8C27962", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1C2B883-EA96-4B51-865B-B1DE1561096C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBCDD1A4-AEF3-41C8-AA02-2BD13AB97A3D", "versionEndExcluding": "12.1.5.3", "versionStartIncluding": "12.1.3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DD4E3F0-D8DE-47B1-BBF0-3E6FEC9A1653", "versionEndExcluding": "13.1.3.5", "versionStartIncluding": "13.1.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "8425DB51-D2B1-41D4-928B-9A1695D1B17B", "versionEndIncluding": "14.0.1", "versionStartIncluding": "14.0.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "65242464-34D7-449D-9A4D-C74C14A0354B", "versionEndExcluding": "14.1.2.8", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF378F37-554E-498A-8471-48F7544A231F", "versionEndIncluding": "15.0.1", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C5A9DDF-C18B-4628-AE26-50FBDAD4654B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion."}, {"lang": "es", "value": "En Wireshark versi\u00f3n 3.0.0 a 3.0.1, versi\u00f3n 2.6.0 a 2.6.8 y versi\u00f3n 2.4.0 a 2.4.14, el motor de disecci\u00f3n podr\u00eda fallar. Esto fue direccionado en epan/packet.c por la restricci\u00f3n del n\u00famero de capas y por consiguiente limitando la recursi\u00f3n."}], "id": "CVE-2019-12295", "lastModified": "2024-11-21T04:22:34.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-05-23T12:29:00.393", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/bid/108464"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778"}, {"source": "cve@mitre.org", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7b6e197da4c497e229ed3ebf6952bae5c426a820"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00036.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://support.f5.com/csp/article/K06725231"}, {"source": "cve@mitre.org", "url": "https://support.f5.com/csp/article/K06725231?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4133-1/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2019-19.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/bid/108464"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7b6e197da4c497e229ed3ebf6952bae5c426a820"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00036.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.f5.com/csp/article/K06725231"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.f5.com/csp/article/K06725231?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4133-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2019-19.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-674"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "wireshark: missing dissection recursion checks leads to denial of service", "id": "1831675", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831675"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-674", "details": ["In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion."], "name": "CVE-2019-12295", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2019-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-12295\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-12295\nhttps://www.wireshark.org/security/wnpa-sec-2019-19.html"], "statement": "During testing we could not reproduce this issue (with a default stack size and the binaries as shipped in our products). It's possible that this issue only manifests itself when using binaries compiled with address sanitizer, which can dramatically increase stack usage. Yet, it also can't be entirely ruled out that there may be a way to exploit this using a method currently unknown to us, thus, this has an impact of Moderate.", "threat_severity": "Moderate", "upstream_fix": "wireshark 3.0.2, wireshark 2.6.9, wireshark 2.4.15"}