CVE-2018-16527: Infoleak
First published: Thu Dec 06 2018(Updated: )
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Amazon Amazon Web Services Freertos | <=1.3.1 | |
| Amazon Freertos | <=10.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2018-16527.
What is the severity rating of CVE-2018-16527?
CVE-2018-16527 has a severity rating of medium (5.9).
What is the affected software by CVE-2018-16527?
The affected software by CVE-2018-16527 includes Amazon Web Services FreeRTOS through 1.3.1 and FreeRTOS up to V10.0.1 (with FreeRTOS+TCP).
How does CVE-2018-16527 allow information disclosure?
CVE-2018-16527 allows information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
Are there any references available for CVE-2018-16527?
Yes, you can find references for CVE-2018-16527 at the following links: [link1], [link2], [link3].
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/amazon
- canonical/amazon amazon web services freertos
- version/amazon amazon web services freertos/1.3.1
- canonical/amazon freertos
- version/amazon freertos/10.0.1