CVE-2022-38767

Published Nov 25, 2022

Last updated 2 years ago

CVSS high 7.5

Overview

Description: An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E27E761-92D8-4A67-8D23-213E0C7BFFC6",
            "versionEndExcluding": "6.9.4.12",
            "versionStartIncluding": "6.9"
          },
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:6.9.4.12:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69674D4D-2848-46BA-9367-7AA85EE2CD99"
          },
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1052B8F5-1BC4-46B6-A8F1-F1BF9A40DDAF"
          },
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AABF1E5-DA6B-462D-A047-EC843F94568E"
          },
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C6D5D36-9CD0-4F54-B486-2FA1ECDFA8A4"
          },
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D9DC783-9D1E-4478-83DF-CF38774B4CF3"
          },
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF75490C-3BC7-46C2-9FB6-BBA317185023"
          },
          {
            "criteria": "cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4810B35-06F6-4971-BE87-A30B1CF58AA0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References