{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2169", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "state": "PUBLISHED", "assignerShortName": "certcc", "dateReserved": "2024-03-04T16:29:42.695Z", "datePublished": "2024-03-19T19:50:10.700Z", "dateUpdated": "2024-09-04T12:04:51.230Z"}, "containers": {"cna": {"title": "Implementations of UDP application protocols are susceptible to network loops and denial of service", "descriptions": [{"lang": "en", "value": "Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service (DOS) and/or abuse of resources."}], "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Thanks to the reporters Yepeng Pan and Christian Rossow from the CISPA Helmholtz Center for Information Security, Germany."}], "affected": [{"vendor": "MikroTik", "product": "RouterOS-TFTP", "versions": [{"status": "affected", "version": "*", "lessThanOrEqual": "7.13.2", "versionType": "custom"}]}, {"vendor": "Microsoft", "product": "WDS", "versions": [{"status": "affected", "version": "*"}]}, {"vendor": "dproxy-nexgen", "product": "dproxy-nexgen", "versions": [{"status": "affected", "version": "0.1", "lessThanOrEqual": "0.5", "versionType": "custom"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-406: Insufficient Control of Network Message Volume (Network Amplification)"}]}], "references": [{"url": "https://kb.cert.org/vuls/id/417980"}, {"url": "https://www.kb.cert.org/vuls/id/417980"}], "x_generator": {"engine": "VINCE 2.1.12", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2024-2169"}, "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2024-03-19T19:59:53.925Z"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://kb.cert.org/vuls/id/417980", "tags": ["x_transferred"]}, {"url": "https://www.kb.cert.org/vuls/id/417980", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/09/04/1"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-04T12:04:51.230Z"}}, {"affected": [{"vendor": "mikrotik", "product": "routeros_tftp", "cpes": ["cpe:2.3:a:mikrotik:routeros_tftp:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "7.13.2", "versionType": "custom"}]}, {"vendor": "microsoft", "product": "wds", "cpes": ["cpe:2.3:a:microsoft:wds:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "dproxy-nexgen_project", "product": "dproxy-nexgen", "cpes": ["cpe:2.3:a:dproxy-nexgen_project:dproxy-nexgen:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0.1", "status": "affected", "lessThanOrEqual": "0.5", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-02T16:48:38.161456Z", "id": "CVE-2024-2169", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-02T16:53:26.755Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://kb.cert.org/vuls/id/417980", "tags": ["x_transferred"]}, {"url": "https://www.kb.cert.org/vuls/id/417980", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/09/04/1"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-04T12:04:51.230Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-2169", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-02T16:48:38.161456Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:mikrotik:routeros_tftp:*:*:*:*:*:*:*:*"], "vendor": "mikrotik", "product": "routeros_tftp", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "7.13.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:microsoft:wds:*:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "wds", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:dproxy-nexgen_project:dproxy-nexgen:-:*:*:*:*:*:*:*"], "vendor": "dproxy-nexgen_project", "product": "dproxy-nexgen", "versions": [{"status": "affected", "version": "0.1", "versionType": "custom", "lessThanOrEqual": "0.5"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-02T16:51:21.436Z"}}], "cna": {"title": "Implementations of UDP application protocols are susceptible to network loops and denial of service", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Thanks to the reporters Yepeng Pan and Christian Rossow from the CISPA Helmholtz Center for Information Security, Germany."}], "affected": [{"vendor": "MikroTik", "product": "RouterOS-TFTP", "versions": [{"status": "affected", "version": "*", "versionType": "custom", "lessThanOrEqual": "7.13.2"}]}, {"vendor": "Microsoft", "product": "WDS", "versions": [{"status": "affected", "version": "*"}]}, {"vendor": "dproxy-nexgen", "product": "dproxy-nexgen", "versions": [{"status": "affected", "version": "0.1", "versionType": "custom", "lessThanOrEqual": "0.5"}]}], "references": [{"url": "https://kb.cert.org/vuls/id/417980"}, {"url": "https://www.kb.cert.org/vuls/id/417980"}], "x_generator": {"env": "prod", "engine": "VINCE 2.1.12", "origin": "https://cveawg.mitre.org/api/cve/CVE-2024-2169"}, "descriptions": [{"lang": "en", "value": "Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service (DOS) and/or abuse of resources."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-406: Insufficient Control of Network Message Volume (Network Amplification)"}]}], "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2024-03-19T19:59:53.925Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2169", "state": "PUBLISHED", "dateUpdated": "2024-09-04T12:04:51.230Z", "dateReserved": "2024-03-04T16:29:42.695Z", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "datePublished": "2024-03-19T19:50:10.700Z", "assignerShortName": "certcc"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service (DOS) and/or abuse of resources."}, {"lang": "es", "value": "Las implementaciones del protocolo de aplicaci\u00f3n UDP son vulnerables a los bucles de red. Un atacante no autenticado puede utilizar paquetes manipulados con fines malintencionados contra una implementaci\u00f3n vulnerable que puede provocar una denegaci\u00f3n de servicio (DOS) y/o un abuso de recursos."}], "id": "CVE-2024-2169", "lastModified": "2024-11-21T09:09:10.397", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-19T20:15:07.320", "references": [{"source": "cret@cert.org", "url": "https://kb.cert.org/vuls/id/417980"}, {"source": "cret@cert.org", "url": "https://www.kb.cert.org/vuls/id/417980"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/09/04/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kb.cert.org/vuls/id/417980"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.kb.cert.org/vuls/id/417980"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "udp: Implementations of UDP protocol are vulnerable to network loops", "id": "2272753", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272753"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service (DOS) and/or abuse of resources.", "A vulnerability was found in certain UPD protocol implementations. This issue may allow an unauthenticated attacker to send maliciously crafted packages leading to a denial of service on the targeted system. An attacker needs to perform the attack on a vulnerable server in order to meet the conditions to create the necessary traffic-loop for a successful attack."], "name": "CVE-2024-2169", "package_state": [{"cpe": "cpe:/a:redhat:ansible_automation_platform", "fix_state": "Not affected", "package_name": "rsyslog", "product_name": "Red Hat Ansible Automation Platform 1.2"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "dhcp", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "dnsmasq", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "net-snmp", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rsyslog", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "tftp", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "dnsmasq", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "net-snmp", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "ntp", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "rsyslog", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "rsyslog7", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "tftp", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "dnsmasq", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "net-snmp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "ntp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "rsyslog", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "tftp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "bind9.16", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "dnsmasq", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "net-snmp", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "rsyslog", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "tftp", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dhcp", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dnsmasq", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "net-snmp", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rsyslog", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "tftp", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-2169\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-2169"], "statement": "Red Hat is aware of the existence of CVE-2024-2169 and has investigated the impact in several packages distributed across Red Hat Enterprise Linux versions.\nThe versions of the NTP package shipped with Red Hat Enterprise Linux 6 and 7 are not vulnerable to this attack, as this issue was dependent on CVE-2009-3563 present in ntp up to 4.2.4p8 and 4.2.5, which are older than the versions shipped with the mentioned products.\nPackage implementations of DNS (such as dnsmasq and bind), tftp, and dhcp packages as distributed with Red Hat Enterprise Linux are not affected by this vulnerability as all of it uses a random source port for response, making it impossible to perform a traffic-loop attack.", "threat_severity": "Moderate"}

{}