Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-24809

Опубликовано: 16 апр. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 6.5

Описание

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.

РелизСтатусПримечание
bionic

released

5.7.3+dfsg-1.8ubuntu3.7
devel

released

5.9.1+dfsg-4ubuntu2
esm-infra-legacy/trusty

released

5.7.2~dfsg-8.1ubuntu3.3+esm3
esm-infra/bionic

released

5.7.3+dfsg-1.8ubuntu3.7
esm-infra/focal

released

5.8+dfsg-2ubuntu2.4
esm-infra/xenial

released

5.7.3+dfsg-1ubuntu4.6+esm1
focal

released

5.8+dfsg-2ubuntu2.4
impish

ignored

end of life
jammy

released

5.9.1+dfsg-1ubuntu2.2
kinetic

released

5.9.1+dfsg-4ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 34%
0.00135
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-24809

CVSS3: 5.9
redhat
больше 3 лет назад

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.

nvd логотип

CVE-2022-24809

CVSS3: 6.5
nvd
больше 1 года назад

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.

debian логотип

CVE-2022-24809

CVSS3: 6.5
debian
больше 1 года назад

net-snmp provides various tools relating to the Simple Network Managem ...

fstec логотип

BDU:2024-06508

CVSS3: 6.5
fstec
больше 1 года назад

Уязвимость функции nsVacmAccessTable() в компоненте OID Handler набора программного обеспечения Net-SNMP операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность данных

suse-cvrf логотип

SUSE-SU-2022:4205-1

suse-cvrf
почти 3 года назад

Security update for net-snmp

EPSS

Процентиль: 34%
0.00135
Низкий

6.5 Medium

CVSS3