CVE-2016-20009

Published Mar 11, 2021

Last updated 3 months ago

CVSS critical 9.8

Overview

Description: A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Source: cve@mitre.org
NVD status: Modified
CNA Tags: unsupported-when-assigned

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B41CC977-326E-4BEE-BC9A-93A64C8628D4",
            "versionEndIncluding": "7.0",
            "versionStartIncluding": "6.5"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:sgt-100_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "988EC5E4-0049-4072-A4BD-BD528C033805"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:sgt-100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E678D371-C274-4E49-8485-AB3D1835B822"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:sgt-200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F25DE38-9193-4350-9B1F-B6441AC7047B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:sgt-200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CB1B10D2-C5E7-4C0D-9BED-606FB1C01276"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:sgt-300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB59465A-3F1C-4035-B6BE-B4F8FAAAB4DC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:sgt-300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "15B3EAEB-E209-4A6A-AA04-9497A8D47703"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:sgt-400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B39AD60-6DCB-4466-A5AD-98ACCF1E08B2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:sgt-400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8D3FA43D-2BDA-4CBC-B6CB-E674CECAC086"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:sgt-a20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58C64347-8FB3-403D-A4BA-ABA5FE89AE4A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:sgt-a20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "23F32AEA-E2E9-417C-8C86-A08004F377C2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:sgt-a35_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32671BC6-DBED-41FB-B61F-553A70819FA0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:sgt-a35:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1D3F0086-DF1D-4EFF-BA2A-8F9ED2A8FCAE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:sgt-a65_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15B1A88C-7FC3-456F-A0E5-157EADBF8012"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:sgt-a65:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8F46F8C7-A7DD-4CD4-9DF8-04C7B9ABC89B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References