Lucene search

MitreCVE-2017-18859

HistoryApr 28, 2020 - 5:15 p.m.

CVE-2017-18859

2020-04-2817:15:12

mitre

web.nvd.nist.gov

netgear

slowdown

stoppage

vulnerability

cve-2017-18859

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

42.5%

JSON

Certain NETGEAR devices are affected by slowdown/stoppage. This affects C6300 before 2017-05-30, CM400 before 2017-05-30, CM700 before 2017-05-30, and CMD31T before 2017-05-30.

Affected configurations

Nvd

Node

netgearc6300Match-

AND

netgearc6300_firmwareRange<2017-05-30

Node

netgearcm400Match-

AND

netgearcm400_firmwareRange<2017-05-30

Node

netgearcm700Match-

AND

netgearcm700_firmwareRange<2017-05-30

Node

netgearcmd31tMatch-

AND

netgearcmd31t_firmwareRange<2017-05-30

VendorProductVersionCPE
netgearc6300-cpe:2.3:h:netgear:c6300:-:*:*:*:*:*:*:*
netgearc6300_firmware*cpe:2.3:o:netgear:c6300_firmware:*:*:*:*:*:*:*:*
netgearcm400-cpe:2.3:h:netgear:cm400:-:*:*:*:*:*:*:*
netgearcm400_firmware*cpe:2.3:o:netgear:cm400_firmware:*:*:*:*:*:*:*:*
netgearcm700-cpe:2.3:h:netgear:cm700:-:*:*:*:*:*:*:*
netgearcm700_firmware*cpe:2.3:o:netgear:cm700_firmware:*:*:*:*:*:*:*:*
netgearcmd31t-cpe:2.3:h:netgear:cmd31t:-:*:*:*:*:*:*:*
netgearcmd31t_firmware*cpe:2.3:o:netgear:cmd31t_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	c6300	-	cpe:2.3:h:netgear:c6300:-:::::::*
netgear	c6300_firmware	*	cpe:2.3:o:netgear:c6300_firmware::::::::
netgear	cm400	-	cpe:2.3:h:netgear:cm400:-:::::::*
netgear	cm400_firmware	*	cpe:2.3:o:netgear:cm400_firmware::::::::
netgear	cm700	-	cpe:2.3:h:netgear:cm700:-:::::::*
netgear	cm700_firmware	*	cpe:2.3:o:netgear:cm700_firmware::::::::
netgear	cmd31t	-	cpe:2.3:h:netgear:cmd31t:-:::::::*
netgear	cmd31t_firmware	*	cpe:2.3:o:netgear:cmd31t_firmware::::::::

References

kb.netgear.com/000038560/Security-Advisory-for-Vulnerability-on-Select-Cable-Modems-and-Gateways-PSV-2017-2165

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

42.5%

JSON

Related for CVE-2017-18859