Denial of Service Vulnerability in Suricata by Open Information Security Foundation
CVE-2019-1010251
7.5HIGH
Key Information:
- Status
- Vendor
- CVE Published:
- 18 July 2019
What is CVE-2019-1010251?
A vulnerability in Suricata allows an attacker to bypass DNS signature detection by crafting specific network packets. This issue impacts several components, including app-layer-detect-proto.c, decode.c, decode-teredo.c, and decode-ipv6.c. Attackers can exploit this vulnerability to evade detection mechanisms, potentially compromising the integrity of network security measures. It is essential for users to upgrade to version 4.1.2 or later to mitigate this risk.
Affected Version(s)
Suricata prior to version 4.1.2 [fixed: 4.1.2]
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved