CVE-2018-16881

{"id": "CVE-2018-16881", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-01-25T18:29:00.257", "references": [{"url": "https://access.redhat.com/errata/RHBA-2019:2501", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:2110", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:2437", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:2439", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16881", "tags": ["Issue Tracking", "Mitigation", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en rsyslog en el m\u00f3dulo imptcp. Un atacante podr\u00eda enviar un mensaje especialmente manipulado al socket imptcp, lo que conducir\u00eda al cierre forzado de rsyslog. Las versiones anteriores a la 8.27.0 son vulnerables."}], "lastModified": "2022-10-06T16:13:13.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rsyslog:rsyslog:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09D6181E-8ED9-43C4-9393-FE7780EC919C", "versionEndExcluding": "8.27.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FA1A18F-D997-4121-A01B-FD9B3BF266CF"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "566507B6-AC95-47F7-A3FB-C6F414E45F51"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6"}, {"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}