Belden Hirschmann HiOS 07.0.04

CPE Details

Belden Hirschmann HiOS 07.0.04
belden
hirschmann_hios
07.0.04
2021-02-18
13h52 +00:00
2021-06-17
13h38 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:belden:hirschmann_hios:07.0.04:*:*:*:*:*:*:*

Informations

Vendor

belden

Product

hirschmann_hios

Version

07.0.04

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-9307 2021-02-11 19h32 +00:00 Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthenticated, adjacent attacker can cause an infinite loop on one of the HSR ring ports of the device. This effectively breaks the redundancy of the HSR ring. If the attacker can perform the same attack on a second device, the ring is broken into two parts (thus disrupting communication between devices in the different parts).
6.5
Medium
CVE-2019-12262 2019-08-14 17h18 +00:00 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).
9.8
Critical
CVE-2019-12261 2019-08-09 18h27 +00:00 Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
9.8
Critical
CVE-2019-12260 2019-08-09 18h18 +00:00 Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
9.8
Critical
CVE-2019-12258 2019-08-09 18h00 +00:00 Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.
7.5
High
CVE-2019-12255 2019-08-09 17h18 +00:00 Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
9.8
Critical
CVE-2019-12265 2019-08-09 16h14 +00:00 Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.
5.3
Medium
CVE-2019-12263 2019-08-09 16h10 +00:00 Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
8.1
High
CVE-2019-12259 2019-08-09 16h05 +00:00 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.
7.5
High
CVE-2019-12256 2019-08-09 15h57 +00:00 Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
9.8
Critical
CVE-2019-12257 2019-08-09 15h49 +00:00 Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
8.8
High
CVE-2019-12264 2019-08-05 15h34 +00:00 Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.
7.1
High