EdgeMAX EdgeSwitch up to 1.8.1 SSH CLI Interface Crash denial of service

A vulnerability was found in EdgeMAX EdgeSwitch up to 1.8.1 and classified as problematic. This issue affects an unknown functionality of the component SSH CLI Interface. The manipulation with an unknown input leads to a denial of service vulnerability (Crash). Using CWE to declare the problem leads to CWE-404. Impacted is availability.

The weakness was published 07/10/2019. The identification of this vulnerability is CVE-2019-5445 since 01/04/2019. The successful exploitation requires a single authentication. Neither technical details nor an exploit are publicly available.

Upgrading to version 1.8.2 eliminates this vulnerability.

Similar entry is available at 137706.

Vendor

• EdgeMAX

Name

• EdgeSwitch

• 🔒
• 🔒

• 🔒
• 🔒

VulDB Meta Base Score: 3.5
VulDB Meta Temp Score: 3.4

VulDB Base Score: 3.5
VulDB Temp Score: 3.4
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Denial of service / Crash (CWE-404)
Local: Yes
Remote: No

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: Upgrade
Status: 🔍

0-Day Time: 🔒

Upgrade: EdgeSwitch 1.8.2

01/04/2019 CVE assigned
07/10/2019 +187 days Advisory disclosed
07/11/2019 +1 days VulDB entry created
07/11/2019 +0 days VulDB last update
CVE: CVE-2019-5445 (🔒)
See also: 🔒Created: 07/11/2019 12:50 PM
Complete: 🔍

Comments

Comments are closed.