CVE-2019-12258
First published: Fri Aug 09 2019(Updated: )
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Windriver Vxworks | >=6.5<6.9.4.12 | |
| Windriver Vxworks | =7.0 | |
| SonicWall SonicOS | >=5.9.0.0<=5.9.0.7 | |
| SonicWall SonicOS | >=5.9.1.0.<=5.9.1.12 | |
| SonicWall SonicOS | >=6.2.0.0<=6.2.3.1 | |
| SonicWall SonicOS | >=6.2.4.0<=6.2.4.3 | |
| SonicWall SonicOS | >=6.2.5.0<=6.2.5.3 | |
| SonicWall SonicOS | >=6.2.6.0<=6.2.6.1 | |
| SonicWall SonicOS | >=6.2.7.0<=6.2.7.4 | |
| SonicWall SonicOS | >=6.2.9.0<=6.2.9.2 | |
| SonicWall SonicOS | >=6.5.0.0<=6.5.0.3 | |
| SonicWall SonicOS | >=6.5.1.0<=6.5.1.4 | |
| SonicWall SonicOS | >=6.5.2.0<=6.5.2.3 | |
| SonicWall SonicOS | >=6.5.3.0<=6.5.3.3 | |
| SonicWall SonicOS | >=6.5.4.0.<=6.5.4.3 | |
| SonicWall SonicOS | =6.2.7.0 | |
| SonicWall SonicOS | =6.2.7.1 | |
| SonicWall SonicOS | =6.2.7.7 | |
| Siemens Siprotec 5 Firmware | <7.59 | |
| Siemens Siprotec 5 | ||
| NetApp E-Series SANtricity OS Controller | >=8.00<=8.40.50.00 | |
| Siemens Siprotec 5 Firmware | <7.91 | |
| Siemens Power Meter 9410 Firmware | <2.2.1 | |
| Siemens Power Meter 9410 | ||
| Siemens Power Meter 9810 Firmware | ||
| Siemens Power Meter 9810 | ||
| Siemens Ruggedcom Win7000 Firmware | <bs5.2.461.17 | |
| Siemens Ruggedcom Win7000 | ||
| Siemens Ruggedcom Win7018 Firmware | <bs5.2.461.17 | |
| Siemens Ruggedcom Win7018 | ||
| Siemens Ruggedcom Win7025 Firmware | <bs5.2.461.17 | |
| Siemens Ruggedcom Win7025 | ||
| Siemens Ruggedcom Win7200 Firmware | <bs5.2.461.17 | |
| Siemens Ruggedcom Win7200 | ||
| Belden Hirschmann Hios | <=07.0.07 | |
| Belden Hirschmann Ees20 | ||
| Belden Hirschmann Ees25 | ||
| Belden Hirschmann Eesx20 | ||
| Belden Hirschmann Eesx30 | ||
| Belden Hirschmann Grs1020 | ||
| Belden Hirschmann Grs1030 | ||
| Belden Hirschmann Grs1042 | ||
| Belden Hirschmann Grs1120 | ||
| Belden Hirschmann Grs1130 | ||
| Belden Hirschmann Grs1142 | ||
| Belden Hirschmann Msp30 | ||
| Belden Hirschmann Msp32 | ||
| Belden Hirschmann Rail Switch Power Lite | ||
| Belden Hirschmann Rail Switch Power Smart | ||
| Belden Hirschmann Red25 | ||
| Belden Hirschmann Rsp20 | ||
| Belden Hirschmann Rsp25 | ||
| Belden Hirschmann Rsp30 | ||
| Belden Hirschmann Rsp35 | ||
| Belden Hirschmann Rspe30 | ||
| Belden Hirschmann Rspe32 | ||
| Belden Hirschmann Rspe35 | ||
| Belden Hirschmann Rspe37 | ||
| Belden Hirschmann Hios | <=07.5.01 | |
| Belden Hirschmann Msp40 | ||
| Belden Hirschmann Octopus Os3 | ||
| Belden Hirschmann Hios | <=07.2.04 | |
| Belden Hirschmann Dragon Mach4000 | ||
| Belden Hirschmann Dragon Mach4500 | ||
| Belden Hirschmann Hios | <=05.3.06 | |
| Belden Hirschmann Eagle One | ||
| Belden Hirschmann Eagle20 | ||
| Belden Hirschmann Eagle30 | ||
| Belden Garrettcom Magnum Dx940e Firmware | <=1.0.1_y7 | |
| Belden Garrettcom Magnum Dx940e |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009
- https://security.netapp.com/advisory/ntap-20190802-0001/
- https://support.f5.com/csp/article/K41190253
- https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12258
- https://support2.windriver.com/index.php?page=security-notices
- https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/event
- agent/weakness
- agent/type
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/windriver
- canonical/windriver vxworks
- version/windriver vxworks/6.5
- version/windriver vxworks/7.0
- vendor/sonicwall
- canonical/sonicwall sonicos
- version/sonicwall sonicos/5.9.0.0
- version/sonicwall sonicos/5.9.0.7
- version/sonicwall sonicos/5.9.1.0.
- version/sonicwall sonicos/5.9.1.12
- version/sonicwall sonicos/6.2.0.0
- version/sonicwall sonicos/6.2.3.1
- version/sonicwall sonicos/6.2.4.0
- version/sonicwall sonicos/6.2.4.3
- version/sonicwall sonicos/6.2.5.0
- version/sonicwall sonicos/6.2.5.3
- version/sonicwall sonicos/6.2.6.0
- version/sonicwall sonicos/6.2.6.1
- version/sonicwall sonicos/6.2.7.0
- version/sonicwall sonicos/6.2.7.4
- version/sonicwall sonicos/6.2.9.0
- version/sonicwall sonicos/6.2.9.2
- version/sonicwall sonicos/6.5.0.0
- version/sonicwall sonicos/6.5.0.3
- version/sonicwall sonicos/6.5.1.0
- version/sonicwall sonicos/6.5.1.4
- version/sonicwall sonicos/6.5.2.0
- version/sonicwall sonicos/6.5.2.3
- version/sonicwall sonicos/6.5.3.0
- version/sonicwall sonicos/6.5.3.3
- version/sonicwall sonicos/6.5.4.0.
- version/sonicwall sonicos/6.5.4.3
- version/sonicwall sonicos/6.2.7.1
- version/sonicwall sonicos/6.2.7.7
- vendor/siemens
- canonical/siemens siprotec 5 firmware
- canonical/siemens siprotec 5
- vendor/netapp
- canonical/netapp e-series santricity os controller
- version/netapp e-series santricity os controller/8.00
- version/netapp e-series santricity os controller/8.40.50.00
- canonical/siemens power meter 9410 firmware
- canonical/siemens power meter 9410
- canonical/siemens power meter 9810 firmware
- canonical/siemens power meter 9810
- canonical/siemens ruggedcom win7000 firmware
- canonical/siemens ruggedcom win7000
- canonical/siemens ruggedcom win7018 firmware
- canonical/siemens ruggedcom win7018
- canonical/siemens ruggedcom win7025 firmware
- canonical/siemens ruggedcom win7025
- canonical/siemens ruggedcom win7200 firmware
- canonical/siemens ruggedcom win7200
- vendor/belden
- canonical/belden hirschmann hios
- version/belden hirschmann hios/07.0.07
- canonical/belden hirschmann ees20
- canonical/belden hirschmann ees25
- canonical/belden hirschmann eesx20
- canonical/belden hirschmann eesx30
- canonical/belden hirschmann grs1020
- canonical/belden hirschmann grs1030
- canonical/belden hirschmann grs1042
- canonical/belden hirschmann grs1120
- canonical/belden hirschmann grs1130
- canonical/belden hirschmann grs1142
- canonical/belden hirschmann msp30
- canonical/belden hirschmann msp32
- canonical/belden hirschmann rail switch power lite
- canonical/belden hirschmann rail switch power smart
- canonical/belden hirschmann red25
- canonical/belden hirschmann rsp20
- canonical/belden hirschmann rsp25
- canonical/belden hirschmann rsp30
- canonical/belden hirschmann rsp35
- canonical/belden hirschmann rspe30
- canonical/belden hirschmann rspe32
- canonical/belden hirschmann rspe35
- canonical/belden hirschmann rspe37
- version/belden hirschmann hios/07.5.01
- canonical/belden hirschmann msp40
- canonical/belden hirschmann octopus os3
- version/belden hirschmann hios/07.2.04
- canonical/belden hirschmann dragon mach4000
- canonical/belden hirschmann dragon mach4500
- version/belden hirschmann hios/05.3.06
- canonical/belden hirschmann eagle one
- canonical/belden hirschmann eagle20
- canonical/belden hirschmann eagle30
- canonical/belden garrettcom magnum dx940e firmware
- version/belden garrettcom magnum dx940e firmware/1.0.1_y7
- canonical/belden garrettcom magnum dx940e