Details of VAR-201703-1387

ID

VAR-201703-1387

TITLE

Suricata IDS Security Bypass Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2017-02321

DESCRIPTION

SuricataIDS is a network intrusion detection system, intrusion prevention system and network security monitoring engine. There is a security bypass vulnerability in SuricataIDS. Because of logical flaws, an attacker can exploit a vulnerability to bypass security.

Trust: 0.6

sources: CNVD: CNVD-2017-02321

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-02321

AFFECTED PRODUCTS

vendor:	suricata	model:	ids	scope:	eq	version:	3.2.*<3.2.13.13	Trust: 0.6
vendor:	suricata	model:	ids	scope:	lte	version:	<=3.1.3	Trust: 0.6

sources: CNVD: CNVD-2017-02321

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2017-02321
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2017-02321
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2017-02321

PATCH

title:

SuricataIDS security bypass vulnerability patch

url:

https://www.cnvd.org.cn/patchinfo/show/89917

Trust: 0.6

sources: CNVD: CNVD-2017-02321

EXTERNAL IDS

db:	CXSECURITY	id:	WLB-2017020165	Trust: 0.6
db:	CNVD	id:	CNVD-2017-02321	Trust: 0.6

sources: CNVD: CNVD-2017-02321

REFERENCES

url:

https://cxsecurity.com/issue/wlb-2017020165

Trust: 0.6

sources: CNVD: CNVD-2017-02321

SOURCES

db:

CNVD

id:

CNVD-2017-02321

LAST UPDATE DATE

2022-05-17T02:08:04.554000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2017-02321

date:

2017-03-03T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2017-02321

date:

2017-03-02T00:00:00