{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-11596", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2024-11-21T09:30:49.862Z", "datePublished": "2024-11-21T09:30:59.843Z", "dateUpdated": "2024-11-22T15:41:11.586Z"}, "containers": {"cna": {"title": "Buffer Over-read in Wireshark", "descriptions": [{"lang": "en", "value": "ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file"}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"version": "4.4.0", "status": "affected", "lessThan": "4.4.2", "versionType": "semver"}, {"version": "4.2.0", "status": "affected", "lessThan": "4.2.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-126: Buffer Over-read", "cweId": "CWE-126", "type": "CWE"}]}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2024-15.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20214", "name": "GitLab Issue #20214", "tags": ["issue-tracking", "permissions-required"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.4.2, 4.2.9 or above."}], "credits": [{"lang": "en", "value": "Ivan Nardi", "type": "finder"}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-11-21T09:30:59.843Z"}}, "adp": [{"affected": [{"vendor": "wireshark", "product": "wireshark", "cpes": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "4.4.0", "status": "affected", "lessThan": "4.4.2", "versionType": "semver"}, {"version": "4.2.0", "status": "affected", "lessThan": "4.2.9", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-22T15:39:01.101667Z", "id": "CVE-2024-11596", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-22T15:41:11.586Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-11596", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-22T15:39:01.101667Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "vendor": "wireshark", "product": "wireshark", "versions": [{"status": "affected", "version": "4.4.0", "lessThan": "4.4.2", "versionType": "semver"}, {"status": "affected", "version": "4.2.0", "lessThan": "4.2.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-22T15:41:06.136Z"}}], "cna": {"title": "Buffer Over-read in Wireshark", "credits": [{"lang": "en", "type": "finder", "value": "Ivan Nardi"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"status": "affected", "version": "4.4.0", "lessThan": "4.4.2", "versionType": "semver"}, {"status": "affected", "version": "4.2.0", "lessThan": "4.2.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.4.2, 4.2.9 or above."}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2024-15.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20214", "name": "GitLab Issue #20214", "tags": ["issue-tracking", "permissions-required"]}], "descriptions": [{"lang": "en", "value": "ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-126", "description": "CWE-126: Buffer Over-read"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-11-21T09:30:59.843Z"}}}, "cveMetadata": {"cveId": "CVE-2024-11596", "state": "PUBLISHED", "dateUpdated": "2024-11-22T15:41:11.586Z", "dateReserved": "2024-11-21T09:30:49.862Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2024-11-21T09:30:59.843Z", "assignerShortName": "GitLab"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file"}], "id": "CVE-2024-11596", "lastModified": "2024-11-21T13:57:24.187", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "cve@gitlab.com", "type": "Secondary"}]}, "published": "2024-11-21T11:15:33.350", "references": [{"source": "cve@gitlab.com", "url": "https://gitlab.com/wireshark/wireshark/-/issues/20214"}, {"source": "cve@gitlab.com", "url": "https://www.wireshark.org/security/wnpa-sec-2024-15.html"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-126"}], "source": "cve@gitlab.com", "type": "Primary"}]}

{"bugzilla": {"description": "wireshark: Buffer Over-read in Wireshark", "id": "2327763", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327763"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-126", "details": ["ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file", "A flaw was found in Wireshark's ECMP dissector. This vulnerability allows denial of service via packet injection or a crafted capture file."], "name": "CVE-2024-11596", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-11-21T09:30:59Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-11596\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-11596\nhttps://gitlab.com/wireshark/wireshark/-/issues/20214\nhttps://www.wireshark.org/security/wnpa-sec-2024-15.html"], "threat_severity": "Important"}