CVE Vulnerability

CVE-2019-5613

In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in the ipsec packet processor allows reinjection of an old packet to be accepted by the ipsec endpoint. Depending on the higher-level protocol in use over ipsec, this could allow an action to be repeated.

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:02.ipsec.asc Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p8:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p9:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p10:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p11:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p12:*:*:*:*:*:*
Information

Published : 2020-02-18 04:15

Updated : 2020-03-05 04:44

NVD link : CVE-2019-5613

Mitre link : CVE-2019-5613

Products Affected
No products.
CWE
CWE-345