{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37151", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-03T17:29:38.328Z", "datePublished": "2024-07-11T14:39:32.766Z", "dateUpdated": "2024-08-02T03:50:54.763Z"}, "containers": {"cna": {"title": "Suricata defrag: IP ID reuse can lead to policy bypass", "problemTypes": [{"descriptions": [{"cweId": "CWE-754", "lang": "en", "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24"}, {"name": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0"}, {"name": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7041", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7041"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7042", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7042"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": ">= 6.0.0, < 6.0.20", "status": "affected"}, {"version": ">= 7.0.0,< 7.0.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-11T14:39:32.766Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. \nMishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem."}], "source": {"advisory": "GHSA-qrp7-g66m-px24", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "oisf", "product": "suricata", "cpes": ["cpe:2.3:a:oisf:suricata:6.0.0:-:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.0.0", "status": "affected", "lessThan": "6.0.20", "versionType": "custom"}]}, {"vendor": "oisf", "product": "suricata", "cpes": ["cpe:2.3:a:oisf:suricata:7.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "7.0.0", "status": "affected", "lessThan": "7.0.6", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T15:59:30.704290Z", "id": "CVE-2024-37151", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-12T15:51:20.755Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:54.763Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24"}, {"name": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0"}, {"name": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7041", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7041"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7042", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7042"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24", "name": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0", "name": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b", "name": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7041", "name": "https://redmine.openinfosecfoundation.org/issues/7041", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7042", "name": "https://redmine.openinfosecfoundation.org/issues/7042", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:54.763Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37151", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-11T15:59:30.704290Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:oisf:suricata:6.0.0:-:*:*:*:*:*:*"], "vendor": "oisf", "product": "suricata", "versions": [{"status": "affected", "version": "6.0.0", "lessThan": "6.0.20", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:oisf:suricata:7.0.0:*:*:*:*:*:*:*"], "vendor": "oisf", "product": "suricata", "versions": [{"status": "affected", "version": "7.0.0", "lessThan": "7.0.6", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T16:04:03.011Z"}}], "cna": {"title": "Suricata defrag: IP ID reuse can lead to policy bypass", "source": {"advisory": "GHSA-qrp7-g66m-px24", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"status": "affected", "version": ">= 6.0.0, < 6.0.20"}, {"status": "affected", "version": ">= 7.0.0,< 7.0.6"}]}], "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24", "name": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0", "name": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b", "name": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7041", "name": "https://redmine.openinfosecfoundation.org/issues/7041", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7042", "name": "https://redmine.openinfosecfoundation.org/issues/7042", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. \nMishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-754", "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-11T14:39:32.766Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37151", "state": "PUBLISHED", "dateUpdated": "2024-08-02T03:50:54.763Z", "dateReserved": "2024-06-03T17:29:38.328Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-11T14:39:32.766Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "C796A1DA-B8E9-45E4-BBCF-7673AB7DDC99", "versionEndExcluding": "6.0.20", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "108D4F28-A795-4119-A750-9108C85201DC", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. \nMishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem."}, {"lang": "es", "value": "Suricata es un sistema de detecci\u00f3n de intrusiones en la red, un sistema de prevenci\u00f3n de intrusiones y un motor de monitoreo de seguridad de la red. El mal manejo de varios paquetes fragmentados que utilizan el mismo valor de ID de IP puede provocar un error en el reensamblaje del paquete, lo que puede provocar una omisi\u00f3n de pol\u00edticas. Actualice a 7.0.6 o 6.0.20. Cuando utilice af-packet, habilite `defrag` para reducir el alcance del problema."}], "id": "CVE-2024-37151", "lastModified": "2024-11-21T09:23:18.420", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-11T15:15:11.847", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7041"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7042"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7041"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7042"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}